57d377d9a0533b828af3ad8026ed2a35c1a83ad0c133c475747afa0628ab5142 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

57d377d9a0533b828af3ad8026ed2a35c1a83ad0c133c475747afa0628ab5142
Size

42KB
MD5

ba59e5948fcae858dbb5a4edbcff1d2b
SHA1

edb27cbb7f6fc032171326b1a74bf497db18d3f9
SHA256

57d377d9a0533b828af3ad8026ed2a35c1a83ad0c133c475747afa0628ab5142
SHA512

b7e6cecc973c3f2973448e54bdb2b287c29b358e251aa9c61cb95cbcbbabf0241644dc5a854e37acfbe658f117827fcbb7a9700a3dad513f9e1fe83549428056
SSDEEP

768:6Pb4oq6bv2miEvdzobTLpXmpUcJFzzfO3l7KAEaPQhl635xQHr5:ABAFPpX7gFvOl7Aygm5xQL5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57d377d9a0533b828af3ad8026ed2a35c1a83ad0c133c475747afa0628ab5142

Files

57d377d9a0533b828af3ad8026ed2a35c1a83ad0c133c475747afa0628ab5142
.dll windows:1 windows x86 arch:x86

bf00ca0115f6d3dc54def7d6cafa9453

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ReadFile
GetACP
GetOEMCP
GetCPInfo
WriteConsoleA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
GetStringTypeA
HeapFree
ExitProcess
DeleteFileA
SetHandleCount
GetStdHandle
SetFilePointer
GlobalAlloc
WriteFile
GlobalFree
GetFileType
GetTickCount
CloseHandle
GetProcessHeap
FreeEnvironmentStringsA
GetEnvironmentStrings
HeapAlloc
Sleep
GetVersion
GetCurrentThreadId

user32

MessageBoxA

Exports

Exports

MaxExtStepSize
Trunc
act43850

Sections

.edata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_TEXT
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.CRT$XIA
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 28B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE