524e889566a825f38ffd162c41e766e0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

524e889566a825f38ffd162c41e766e0N.exe
Size

59KB
MD5

524e889566a825f38ffd162c41e766e0
SHA1

4c94cba92a3cb925318cc9b73be452b0bd501181
SHA256

3364eb511ad44d4c478c151a6637067304a9126b21172fbc26998bb1d50bd64e
SHA512

e94e79856332eb3ebe694158d9771edaee5f02d59ccd2fc17a00f4e59b96d001777241066ea2607910bd83b61fb538a38c0863fa1cb69f0af49a0efc723c2a57
SSDEEP

1536:xAVpYPLsUDbXUzzqNANl9isgM5myeteYOH3p4Pel9r:GVpYPx3S2K3ks3ff3p409r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
524e889566a825f38ffd162c41e766e0N.exe

Files

524e889566a825f38ffd162c41e766e0N.exe
.exe windows:5 windows x86 arch:x86

b892955ae494fe908bdf52e81e1dfa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

VGSDHSJK
Size: - Virtual size: 160KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VGSDHSJK
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE