49d35e649ccbfed1a16726a36d36e871 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49d35e649ccbfed1a16726a36d36e871
Size

32KB
MD5

49d35e649ccbfed1a16726a36d36e871
SHA1

fadb270582eefb79717e3b0807c56d95a3bb72fd
SHA256

6b4b8eeb6c612d15638dd98bbab125ce9a22c8a3c3920fe8511eae91655edbfe
SHA512

d39cdfc8c9c1d3adb76158861168c591434fc43648571a7b0ceb6efa9775513d95a94dae953188f9c364d6807e1d2f6f139f547bd36a52c1bc026007991858e3
SSDEEP

768:54ueP0z8hDbNHouCXcSF/+SsKMhP0Ws3n/XmQUSALnxQ+An4bVKumDHj:54uq0aDhiXTGSEK2QqeIbV6jj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49d35e649ccbfed1a16726a36d36e871

Files

49d35e649ccbfed1a16726a36d36e871
.exe windows:5 windows x86 arch:x86

0cdef2dca1b73626754263de0ac03cf6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlGetLocationW
ChrCmpIW

user32

CallWindowProcW
wsprintfW
IsMenu
SetDlgItemInt
GetUpdateRect
GetDC
BeginPaint
TabbedTextOutW

kernel32

GetModuleFileNameA
WaitCommEvent
lstrcmpA
lstrcmpiW
GetLocalTime
MapViewOfFile
lstrlenA
LoadLibraryExA
RegisterWaitForSingleObject
LoadLibraryA

gdi32

WidenPath
SetPaletteEntries
Ellipse
PtInRegion
SetViewportExtEx

msvcrt

memset
_controlfp
__set_app_type
__p__fmode
strstr
__p__commode
perror
_amsg_exit
_initterm
iswdigit
_ismbblead
_XcptFilter
_exit
_cexit
__setusermatherr
__getmainargs

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idir
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 136KB - Virtual size: 394KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE