57679e3fb42fbc1727028f2b34d35ed5bee8a63d960740a1a706b67118cbb405 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

57679e3fb42fbc1727028f2b34d35ed5bee8a63d960740a1a706b67118cbb405
Size

90KB
MD5

32ebf63839676759b1349bcedd6cdc85
SHA1

d1777062b264e20809fba45f2fc0111412b5bc73
SHA256

57679e3fb42fbc1727028f2b34d35ed5bee8a63d960740a1a706b67118cbb405
SHA512

fd92d7c60fd42ac49313207e13ed0ce3a1984f7df1f175dc02aaf30af23f3ef39377d17177796a42b5f7de678c09407ee9c6016ccb5f4a1f13d9348a6938636e
SSDEEP

1536:AQ38vsm02LMSTz2u/DBP4EXfpoggoKrKDnzel:Aha2B2u7dPfVVKr4nzel

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57679e3fb42fbc1727028f2b34d35ed5bee8a63d960740a1a706b67118cbb405

Files

57679e3fb42fbc1727028f2b34d35ed5bee8a63d960740a1a706b67118cbb405
.exe windows:5 windows x86 arch:x86

0387d7197769bd3cd788524003bf2efa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

.MPRESS1
Size: 35KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE