f5ba39e7357f1cdbf185f276e32b67681bb568d9f878ebf16047346e6cb7a58eN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5ba39e7357f1cdbf185f276e32b67681bb568d9f878ebf16047346e6cb7a58eN
Size

152KB
MD5

f730d2db52f42b2eb92df7c95c764c30
SHA1

2780a22b68460c0399fc0ef7dcfc01e505d683cd
SHA256

f5ba39e7357f1cdbf185f276e32b67681bb568d9f878ebf16047346e6cb7a58e
SHA512

1285fcd9add9bce01afab4f25c9341e5b3c1741ca1858eddee6546996e3a8269cb66c35c39ad58fc3194c73b7406074e4b615d84577bad24fe60ee4a99b3e915
SSDEEP

3072:6YC7PkFG+b8MpcWB2IJEGudLbeczQY0d0Gj95GnnHlNdttQXPz+:6YCrkFGO2WB27hJzQFd0q567tQq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5ba39e7357f1cdbf185f276e32b67681bb568d9f878ebf16047346e6cb7a58eN

Files

f5ba39e7357f1cdbf185f276e32b67681bb568d9f878ebf16047346e6cb7a58eN
.exe windows:4 windows x86 arch:x86

8db48e14ebdb2165aa7a5a7b9c9f6995

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
LoadLibraryA
LCMapStringA
ExitProcess
CreateFileA
CloseHandle

user32

CloseWindow
SetWindowLongA
CharLowerBuffA
CreateWindowExA
wsprintfA

advapi32

RegEnumKeyA
RegEnumValueA
RegCreateKeyA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegSetValueA
RegCloseKey

Sections

.text
Size: 132KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ