5277841615325fd8093218175146b54f9baea02b92c1951cfff8e3f156f7f871 | Triage

Sharing

General

Target

5277841615325fd8093218175146b54f9baea02b92c1951cfff8e3f156f7f871
Size

183KB
MD5

d35e0b4f895b3dbd84aebc6f3dda1613
SHA1

d30c0c8b5f1a5f893f6f912ed53ed89149370913
SHA256

5277841615325fd8093218175146b54f9baea02b92c1951cfff8e3f156f7f871
SHA512

7b5bd4bf25d568e992cd67b89d23b0ae16f99a9559e0d036af5c7f1a8f6c9ccdbb7656f2dfc7580bb9830d8f6ed41a26e2b3644df76b6f15b1ecda11e73ffe79
SSDEEP

3072:fYHpYZ/JsSGzKm76/2iBm86QWmfK6uNEIXV5AnLATyCILNM+f6I/weymDVtlSyj:fYHpMBs7Pe+iMsK6uDV5nkBBiI/weymR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5277841615325fd8093218175146b54f9baea02b92c1951cfff8e3f156f7f871

Files

5277841615325fd8093218175146b54f9baea02b92c1951cfff8e3f156f7f871
.exe windows:4 windows x86 arch:x86

018ff4f6a314ea0d8c926bb6764f5ea2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

GetCalendarInfoA
WriteFile
GetStdHandle
SizeofResource
LeaveCriticalSection
HeapDestroy
CreateFileW
HeapFree
LockResource
SystemTimeToFileTime
HeapAlloc
LoadLibraryExW
EnumResourceNamesA
GetProcessHeap
FindFirstFileW
LoadResource
lstrcpynW
CloseHandle
FindResourceExA
FindResourceA
GetVersionExA
LoadLibraryW
GetSystemTime
GetModuleHandleA
TerminateProcess

ole32

CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ