45a017bd8c5c3a4bd1d5eedffa919b8b | Triage

Sharing

General

Target

45a017bd8c5c3a4bd1d5eedffa919b8b
Size

24KB
MD5

45a017bd8c5c3a4bd1d5eedffa919b8b
SHA1

f04c4215f9011c8c3bcbf35b1c52383d424235dd
SHA256

c6eeb5c12f711b462e44a8e21c2851b72507f52f039191454918005af5fbc395
SHA512

bb2e15971e867343b5f104e8a6abd5f1d64319f6b3b5e1255ede0c737a83178f3935ffe71264c4ad6f457ff5a374f584ce84173f2dec72460705c52f7f14e900
SSDEEP

192:diGuCgXce5DeyGAblBFvJ1IodimjlI9ESP1oyr/EtKQ9Z1:dR6Xce5D7GAZBZJ1nimjlI9P1JA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45a017bd8c5c3a4bd1d5eedffa919b8b

Files

45a017bd8c5c3a4bd1d5eedffa919b8b
.exe windows:4 windows x86 arch:x86

d9ef12ffe5a2cc2f88fc167ece5d0113

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleFileNameA
CloseHandle
CreateProcessA
GetWindowsDirectoryA
GetLongPathNameA
GetTempPathA
FreeLibrary
Sleep
MoveFileA
DeleteFileA
WriteFile
CreateFileA
GetModuleHandleA
GetStartupInfoA

msvcrt

isprint
islower
isgraph
isdigit
isalpha
isalnum
div
ceil
ispunct
sprintf
rand
srand
time
__CxxFrameHandler
??2@YAPAXI@Z
_except_handler3
_access
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
atol
??3@YAXPAX@Z
_itoa

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ