46678d66bfa673f859a5e1bd436ba0db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46678d66bfa673f859a5e1bd436ba0db
Size

11KB
MD5

46678d66bfa673f859a5e1bd436ba0db
SHA1

34afd8f7f22f2d2e7409ae4a6e1ef8665e413a29
SHA256

28d610430bb8e28a25eaa4ff9b544a65016e22836a68be7f7d0514acbed405e8
SHA512

bc160c2ee69a68bebc1890fe607b784d74bfec13e5cf27e0a7ea9ab6952e4577aef328de1d7a350c840de65e37396b90302d964c61020e88be17602be1e776aa
SSDEEP

96:l1WEUXFwfTW12nEUEvrcQxD4UuRTG75oA28/TVlpcw2ZU7kf9AeI27:lDUXFvUED+t5A/cw2ZM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46678d66bfa673f859a5e1bd436ba0db

Files

46678d66bfa673f859a5e1bd436ba0db
.exe windows:4 windows x86 arch:x86

c2dbd4f2329e7b73cb30aa974dfacf4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

shlwapi

StrStrA
StrStrIA

kernel32

lstrcpyA
CloseHandle
ExitProcess
GetCommandLineA
GetModuleHandleA
GetProcAddress
GetTickCount
lstrcatA
LoadLibraryA
GetVersion

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

urlmon

IsValidURL
CoInternetCompareUrl

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE