5417b6f5994b19e50530102714e0b32c29baf30aaa356fd1979bd81528ce45e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5417b6f5994b19e50530102714e0b32c29baf30aaa356fd1979bd81528ce45e6
Size

63KB
MD5

adac438deadefd73ce8e14c96b90692b
SHA1

747a3e7be56729ba9a7ab0514ba82bfc28e04a37
SHA256

5417b6f5994b19e50530102714e0b32c29baf30aaa356fd1979bd81528ce45e6
SHA512

256de904730bc1c40dbacab0d1baf6508e291575839598979391409ad37fe71d25c0a57b9c9990bce8ae8a116c4c8e5b8ac71af8e1bd88a6039d15c61404e125
SSDEEP

1536:vCZkiNX0YeR4MDGn0poVibqxfHrzWDriCYBQ0:vSkiNk9X/o0qVLzXxBr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5417b6f5994b19e50530102714e0b32c29baf30aaa356fd1979bd81528ce45e6

Files

5417b6f5994b19e50530102714e0b32c29baf30aaa356fd1979bd81528ce45e6
.exe windows:4 windows x86 arch:x86

2f9db94585250d7fc89cba65be450dfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
GetComPlusPackageInstallStatus
ExpungeConsoleCommandHistoryA
IsThreadpoolTimerSet
CheckRemoteDebuggerPresent
LoadLibraryA
CheckForReadOnlyResourceFilter
LocalUnlock
SetConsoleScreenBufferSize

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE