44d3a8a6f75168ee49f2b69fe88528af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44d3a8a6f75168ee49f2b69fe88528af
Size

164KB
MD5

44d3a8a6f75168ee49f2b69fe88528af
SHA1

da2e0ae9020813d821da4fa97e887b55a6fc75af
SHA256

e6923883d78b5061a0d23eee5f7912edbcde195630e942c1cbfcf077c6ef8cdb
SHA512

4a0343ae138c6a43ecfd8686aeb1a2dd2d593194def3878145956fcff7f9853af7506ef0dd6d9017088e3d3145eeff2679c0c904f0550ce8bc8c1190e0b53208
SSDEEP

3072:DVQk9vEiqnU8oL44TOX5kCwcFh4CGjaZazY8ofmAG99sA/w74lxyiSbLZt:DHB4U8SZ6FFZGjaCLoOAG99sAEa4LZt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44d3a8a6f75168ee49f2b69fe88528af

Files

44d3a8a6f75168ee49f2b69fe88528af
.exe windows:4 windows x86 arch:x86

e8f3ed5f6fd79f96db1468d64c3e29d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
SetErrorMode
InterlockedExchange
HeapCreate
GetSystemDirectoryA
RaiseException
SetEvent
CloseHandle
GetCommandLineA
GetACP
GlobalFree
EnterCriticalSection
ReleaseMutex
LoadLibraryExA
GetLocaleInfoA
GetStdHandle
VirtualProtect
ResetEvent
Sleep
GetLastError
FindFirstFileA

user32

GetFocus
GetWindow
GetWindowTextA
GetParent
FrameRect
ReleaseDC
GetClassNameA
GetActiveWindow
SetForegroundWindow
ValidateRect
EndPaint
DrawTextA
FlashWindowEx
BeginPaint
IsIconic
ShowWindow
FillRect
wsprintfA
GetCursorPos

httpapi

HttpCreateHttpHandle
HttpAddFragmentToCache
HttpInitialize
HttpAddUrl
HttpTerminate

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ