050dbe136ededb8949347383b4884633 | Triage

Sharing

General

Target

050dbe136ededb8949347383b4884633
Size

746KB
MD5

050dbe136ededb8949347383b4884633
SHA1

35ed8f187b39a26fc2bc14a5c16a1d6ee481eff8
SHA256

38d6304000b7ec3f88bfec3e60346343b73d2f8a0ee1181e41f41dc46417fbae
SHA512

cd3da35d71a78bcdf026e619b001c3c06f1487cf76392ef545401a24ea6e506dec6b4aba216f3d4e477cee96807fc60b84938c73854ce38daecda0c164bc1be4
SSDEEP

12288:aNFBTLnJxwkcujdOAgl5IHkdlazS1jXvUQLuqGIwonqlehvYHakX2SVVhiYl:WDtcgMAgFbazS1j81FowiArwYl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
050dbe136ededb8949347383b4884633

Files

050dbe136ededb8949347383b4884633
.exe windows:5 windows x86 arch:x86

815b7e5932307966054f5cd626ae0591

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LocalSize
FindVolumeClose
GlobalLock
EnterCriticalSection
GetFileAttributesA
GetCommandLineW
HeapFree
GetDriveTypeA
GetFileType
lstrlenA
GetEnvironmentVariableW
FindVolumeClose
HeapCreate
WaitForMultipleObjects
CloseHandle
SetFileAttributesW
FindClose
IsBadReadPtr
GetFileTime
GetCurrentDirectoryW
ReadFile
ExitThread
MapViewOfFile
GetCommandLineA

uxtheme

GetThemeTextExtent
OpenThemeData
SetWindowTheme
DrawThemeBackground
GetWindowTheme
IsThemeActive
GetThemeTextMetrics
CloseThemeData
CloseThemeData
GetThemeColor
GetThemeBool
DrawThemeEdge
GetThemeEnumValue

dmocx

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE