48b4d70f5b7aeeaaf83d19b98b685ae489b3e71a253601a31a1aba057ba24f03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48b4d70f5b7aeeaaf83d19b98b685ae489b3e71a253601a31a1aba057ba24f03
Size

2.0MB
MD5

566d942b708f126867ad1904fd41fc87
SHA1

b5cd171963bad06b37505f713a22fd035b667f0a
SHA256

48b4d70f5b7aeeaaf83d19b98b685ae489b3e71a253601a31a1aba057ba24f03
SHA512

3eb5fe7e835c987fc84f9785187de01e52f921cbd82d77ba77a4cac749d671a00440c4fb83ce2639e9ce2047ecea2db0e210d1e2c26a2e9b0be0e617eac29486
SSDEEP

49152:rqEc/5QF3JWEHtLqqfpmAsps41wtEjYU29UfUST:rqv5QRtLrBmAsp3FBzf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48b4d70f5b7aeeaaf83d19b98b685ae489b3e71a253601a31a1aba057ba24f03

Files

48b4d70f5b7aeeaaf83d19b98b685ae489b3e71a253601a31a1aba057ba24f03
.exe windows:4 windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.2MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 816KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

llyunhja
Size: 752KB - Virtual size: 752KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jlqjqgwi
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE