45ec438b73cd25894ddfa0c48cbff5b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45ec438b73cd25894ddfa0c48cbff5b7
Size

102KB
MD5

45ec438b73cd25894ddfa0c48cbff5b7
SHA1

4f09d910eb359d9b319b0e8de4a2d8d0a46b550f
SHA256

eb0fe72d14d4500487665295dade2f49e1b3d44ee5cf6a349dae010261b6b45c
SHA512

ee71bd4cd6f2e85ac69f1b68b76665c07eb91f70937ac92f5ab664a753662f0885890bc3a4aad69b2234ac68dabde8360fb350c7b708767cc4c48eca717855f3
SSDEEP

1536:fQz0C0Gu1NZ570tR/c/4bwozDr0sX8w71ho+lVXftS1V6VSKA9xb:fQz0CIXZ5It9c/Gfzss8w7ckV2K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45ec438b73cd25894ddfa0c48cbff5b7

Files

45ec438b73cd25894ddfa0c48cbff5b7
.exe windows:4 windows x86 arch:x86

7c2950680f5a3eaed3e52735182ed16b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperA
wsprintfA

shell32

SHGetSpecialFolderPathA

kernel32

lstrcatA
GetTickCount
Sleep
SetCurrentDirectoryA
CreateDirectoryA
lstrcpyA
ExitProcess
GetModuleHandleA
GetCommandLineA
LoadLibraryA
FreeLibrary
GetProcAddress
lstrlenA
FreeResource
CloseHandle
WriteFile
LockResource
CreateFileA
SizeofResource
LoadResource
FindResourceA
DeleteFileA
RemoveDirectoryA
GetTempPathA
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
SetFilePointer
ReadFile
GlobalFree
GlobalAlloc
GetLocaleInfoA
GetSystemDefaultLCID
GetVolumeInformationA
GetWindowsDirectoryA
HeapFree
GetProcessHeap
HeapAlloc

advapi32

RegSetValueExA
RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE