41bc89a2201911c2010fb0f115551046 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41bc89a2201911c2010fb0f115551046
Size

55KB
MD5

41bc89a2201911c2010fb0f115551046
SHA1

00ecea838256039c34f77bf60e789af2ab045bb9
SHA256

4c5e1abaa10c256a895b797ba14e376304a056b9398428617ab9cd490f588aaf
SHA512

970ddddd4a2bdd7c415343348d177bcacd0e39ce2b76b9a67b3f8caff1f6dc8ff998e2115736dabe72aad6587c59a0ef5388583439a03ec69c1362e9af2288f4
SSDEEP

768:AftZK8niXo/+c4/Z3lr3vS2988RLuEGyozOFrB1NmT465G/Gn9/Wl665Nmclqn/7:2tpnMDpp98IEGB1NmscG/OVgNmXj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41bc89a2201911c2010fb0f115551046

Files

41bc89a2201911c2010fb0f115551046
.exe windows:4 windows x86 arch:x86

d4083ffa19bdcaa817fb6739d3db64c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetVolumeInformationA
GetTempFileNameA
HeapFree
LockResource
CreateFileA
SizeofResource
FindResourceA
GetSystemDefaultLCID
ExitProcess
lstrcatA
FreeResource
CloseHandle
GetWindowsDirectoryA
lstrlenA
GetLocaleInfoA
GetTempPathA
IsDebuggerPresent
SetUnhandledExceptionFilter
LoadResource
SetErrorMode
CreateDirectoryA
lstrcpyA
WriteFile
MoveFileExA
GetProcessHeap
DeleteFileA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind

user32

wsprintfA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyA
RegCreateKeyA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

urlmon

URLDownloadToFileA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE