460982d9e47200a97f44b49006abb8e8 | Triage

Sharing

General

Target

460982d9e47200a97f44b49006abb8e8
Size

190KB
MD5

460982d9e47200a97f44b49006abb8e8
SHA1

5c0b7be78f720fe8302eb4f0b38095e7af755479
SHA256

e5af3c6004d71d1ae2d6f483e1e353fc40544f42fecc599a9e51339ecf1ce08b
SHA512

e7ba98a0e744207f8413e6d64666dfe3fa4fc957b6f2ad2b041fda59e771df647c2e49b2e9dc898761998a86880a330c15cd22f5efa480e32dc1f73a916e25a2
SSDEEP

3072:8Q6NmpY6jEBQ4Bffh2CXlplbzK1vfNdjtmLm86zxHk1g8Ee9o2x3dlkWhLqqn8VD:8Q6NH6jCQ4dfhBlpVzK1vf5mLm86Jk1u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
460982d9e47200a97f44b49006abb8e8

Files

460982d9e47200a97f44b49006abb8e8
.exe windows:4 windows x86 arch:x86

d2e793a909c05175ed17eb2409a98ee7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

kernel32

GetLocaleInfoA
FlushFileBuffers
GetEnvironmentStringsW
SetProcessAffinityMask
SetStdHandle
LoadLibraryA
OutputDebugStringW
GetEnvironmentStrings
QueryPerformanceCounter
CreateFileW
GetSystemTimeAsFileTime
GetStringTypeW
GetCPInfo
GetOEMCP
WaitForSingleObject
DeleteCriticalSection
EnumResourceTypesA
WriteConsoleA
GetConsoleOutputCP
LCMapStringA
CreateProcessW
GetStringTypeA
GlobalLock
CreateFileA
WriteFile
Sleep
GlobalAlloc
GetACP
LCMapStringW
SetEndOfFile
WriteConsoleW
InterlockedDecrement
WaitNamedPipeA
ReadFile
IsValidCodePage
InterlockedIncrement
CreateEventW
FreeEnvironmentStringsW
TerminateThread
GetModuleFileNameW
GlobalUnlock

ole32

GetHGlobalFromILockBytes
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoQueryProxyBlanket
CoInitializeSecurity
StringFromGUID2

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ