405fd9eaee3851c72a287b6c55f49cdd621876182ed959558e98be3ad3ec3dee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

405fd9eaee3851c72a287b6c55f49cdd621876182ed959558e98be3ad3ec3dee
Size

2.5MB
MD5

bce70b767213d407907dd9c4409a795d
SHA1

ec02425b07ba07b05d3f90e423087e436ca74dbf
SHA256

405fd9eaee3851c72a287b6c55f49cdd621876182ed959558e98be3ad3ec3dee
SHA512

0dac03563084b1ed5984258874136f8dea5e1de648cb04c6e0a3303c341a86c3b5bab0da60eafe2f6c87efb5829cd3301d64da6fa905cee97cd78724f85a6714
SSDEEP

49152:lwZIgccn3H7Dx0Mk35FLTuLLhTB9WtgDjFHUHXkfc3Cq813jorL147CVSvWd87JF:lwZIpQZhkJFLaLLVBieHUHXkf34L14+0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
405fd9eaee3851c72a287b6c55f49cdd621876182ed959558e98be3ad3ec3dee

Files

405fd9eaee3851c72a287b6c55f49cdd621876182ed959558e98be3ad3ec3dee
.exe windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.7MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1004KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mhqvekbw
Size: 820KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lrmlqxim
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE