5a845f48e557e84eaaf12eadd528e5cc174b8e1aed88b6c43ddb7bb90e559112 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a845f48e557e84eaaf12eadd528e5cc174b8e1aed88b6c43ddb7bb90e559112
Size

412KB
MD5

c4b2a415fb5ab74229fbcb4996d7b03a
SHA1

61a3c5b7c66e9361e051959e73b84491130fb9f7
SHA256

5a845f48e557e84eaaf12eadd528e5cc174b8e1aed88b6c43ddb7bb90e559112
SHA512

0e0048393e814e1f95f18be7cb480c23b5f236f883e8fab4c1c7e71840d2f2b65264d9a681c666db11737fb1603daba656b0e88ecde37c246d5834ee9f59b1fd
SSDEEP

12288:SVjTYErsH+MjUnjo2VUs3U15QnAVazN/wVTE:ecSsH+DyOUEAVYeW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a845f48e557e84eaaf12eadd528e5cc174b8e1aed88b6c43ddb7bb90e559112

Files

5a845f48e557e84eaaf12eadd528e5cc174b8e1aed88b6c43ddb7bb90e559112
.dll windows:4 windows x86 arch:x86

7f6b09b5156d71851d9382d34c2d2634

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

SendDriverMessage
CloseDriver
timeEndPeriod
timeBeginPeriod

shlwapi

SHCopyKeyW
SHDeleteKeyA
SHQueryValueExW
SHEnumKeyExA
PathIsRootA

user32

ReleaseDC

advapi32

RegLoadKeyA
GetUserNameA

kernel32

HeapAlloc
GetTickCount
GetComputerNameW
GetWindowsDirectoryA
HeapFree
BackupRead
CallNamedPipeA
CancelIo
GetCommandLineW
LocalFree
GetDriveTypeA
GetStdHandle
DeleteFileA
DeviceIoControl
DisconnectNamedPipe
GetMailslotInfo
GetModuleFileNameA
GetProcessHeap
GetProcessVersion
ReleaseMutex
GetThreadLocale

msvcrt

rand
toupper

version

GetFileVersionInfoSizeA

shell32

CommandLineToArgvW

ole32

OleRun

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 360KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ