a5d93c31b71ddbd1ba94ca209a381990N | Triage

Sharing

General

Target

a5d93c31b71ddbd1ba94ca209a381990N
Size

338KB
MD5

a5d93c31b71ddbd1ba94ca209a381990
SHA1

a13ec8a6b50b1d58775e4316ccc54c56e54516fd
SHA256

3df874113284df500cfee2b2c1443c63664311880dce00e6b658b26733219f97
SHA512

92c16cfa0faf9942fb5497dafb3439ae267ececb58e4406869b9f25be53b720542c0cef281f7154ba4ba1579e16f882548ef4d3dd1ea555075656667194ad7eb
SSDEEP

6144:sumNLcvUqhBYn9paYst+jS2jskUvHa8hB5XjfYJMiF8XN6MmlB2dKxiBDF03AFU:sudvBPYOT8e2jskUvLZX7SM484B6K+hM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5d93c31b71ddbd1ba94ca209a381990N

Files

a5d93c31b71ddbd1ba94ca209a381990N
.exe windows:4 windows x86 arch:x86

a2f9eb5ffe39aa39b023a72bf270832e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
WaitForMultipleObjects
GetStdHandle
GetAtomNameA
GetConsoleCP
HeapReAlloc
HeapCreate
GetSystemDefaultLangID
SetConsoleCP
GetVersion
GetTickCount
GetCommandLineA
SuspendThread
LoadLibraryExA
CloseHandle
GetModuleHandleA
WaitForSingleObject
InterlockedExchange
CompareFileTime
lstrlenA
VirtualProtect

user32

SetPropA
GetKeyState
SetWindowPos
CreateIcon
EnableScrollBar
DestroyMenu
InsertMenuA
CreateMenu
InvertRect
GetCursorInfo
FindWindowA
CopyImage
FillRect
GetDlgItem
SetScrollInfo
DrawCaption
DialogBoxParamA
IsDialogMessage
DispatchMessageA
DragObject
GetKeyboardLayout

advapi32

RegCloseKey
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyA
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 764KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 764KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ