47637049df8bc0978bf5ed19e92829cf | Triage

Sharing

General

Target

47637049df8bc0978bf5ed19e92829cf
Size

225KB
MD5

47637049df8bc0978bf5ed19e92829cf
SHA1

3cdc1ae212f28efad0ff598c5d58c370e36d9ddd
SHA256

7158550915753debe09c63c4b855eab4e1dbb98190696ec5cb281a5ac8ad841f
SHA512

8473d35e3d63f9365cbf4eaf1546fbfb865e4b1fe6cf00ceb7abe125473b7f468c2420f6ebdc2b77f83d35732eb1775db7f141677aad4687448f686cbf0bb930
SSDEEP

6144:7rKC3zno5NyFy+5ptwfI7Nq+EICjWC6lEif/:7rJDoyFNtwfPpICjWC2Ei

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47637049df8bc0978bf5ed19e92829cf

Files

47637049df8bc0978bf5ed19e92829cf
.exe windows:4 windows x86 arch:x86

49531f0368e9be7ac9f36decaaf360da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

mpr

WNetGetConnectionA

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

OleUninitialize

comctl32

ImageList_SetIconSize

shell32

SHGetSpecialFolderLocation

Sections

CODE
Size: 191KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE