0499b4f2b68c4d1d6769460dced80cda | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0499b4f2b68c4d1d6769460dced80cda
Size

18KB
MD5

0499b4f2b68c4d1d6769460dced80cda
SHA1

d33b7e518220d169f117e32123ef9784505b7927
SHA256

723975dc172f65c3b060b3fcad57ebcf8bca9b06f3bf6a813765e782c5f9dfe8
SHA512

af4ffd0e2757579fb65b139fbf4d3eb74158524235c6b959f1cbcb2e84504cd57a3cf781f6b45db71ef771bbfce9cde5d30f0b009ec7cfce19dab4a4cca0192b
SSDEEP

192:VoNAgaBBIFUTTKha4Smj1CdrctY0U8Q//PAO7Vi7VP1cuWuINNqd:VoTa7IuHQHj1VtY04//oSyVWuPX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0499b4f2b68c4d1d6769460dced80cda

Files

0499b4f2b68c4d1d6769460dced80cda
.exe windows:4 windows x86 arch:x86

b8961aee65b49aac51510d20d59ea4a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
CloseHandle
FindResourceW
TlsAlloc
CreateMutexA
TlsGetValue
ReleaseMutex
DeleteAtom
lstrlenW
CreateFileA
GetCurrentThreadId
GetStdHandle
GlobalUnlock
GetExitCodeProcess
GlobalFree
LoadLibraryExA
GetModuleHandleA
SetLastError
GetEnvironmentVariableA
HeapCreate

user32

DispatchMessageA
CheckRadioButton
DrawMenuBar
CreateMenu
GetDC
GetDlgItem
FillRect
CallWindowProcA
GetCaretPos
DrawEdge
CreateWindowExA
IsWindow
SetFocus

rsaenh

CPSignHash
CPHashData
CPDecrypt
CPGenKey
CPDeriveKey

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ncaekgm
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE