47c5a290ee11ce282fd03b31cc44b5cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47c5a290ee11ce282fd03b31cc44b5cd
Size

214KB
MD5

47c5a290ee11ce282fd03b31cc44b5cd
SHA1

f4c862c4849493721ad6b9bbab5ea2beb8aeefb6
SHA256

dc77474936ff1a097dc86fd7796fdbe11ef012fa20a1a57a836706f35292c36f
SHA512

e9aca1efa3e1dde39dbe8c606d13478d1df0e7ca36741c8c69f9ee4be64ae976dfd30a9399065ede7486a02e11c12c98482efca245864fd5747553bb9127f54e
SSDEEP

3072:/ryr5BisZz1EANPcGWhyCDAnuItt0enflg0YnrPK0b1BOa:urFNPcG07It00fArPVbL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47c5a290ee11ce282fd03b31cc44b5cd

Files

47c5a290ee11ce282fd03b31cc44b5cd
.exe windows:4 windows x86 arch:x86

ed0eda452d3fa60bf353b4bf3d32f017

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetLastActivePopup
GetMenuItemID
GetPropA
GetScrollRange
GetSystemMenu
GetWindow
PtInRect
RemoveMenu
SetRect
SetWindowLongA
ShowCursor

kernel32

CopyFileA
CreateEventW
DuplicateHandle
ExitThread
FindClose
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileSize
GetLocaleInfoA
GetModuleFileNameW
GetStartupInfoW
GlobalFindAtomA
GlobalReAlloc
HeapAlloc
InterlockedIncrement
LoadLibraryW
QueryPerformanceCounter
ReadFile
SetFilePointer
SetStdHandle
SetThreadLocale
TlsAlloc
lstrcpynA

gdi32

ArcTo
CreateDCA
CreateRectRgnIndirect
EndDoc
GetObjectA
GetObjectW
GetPixel
GetTextMetricsA
OffsetRgn
Pie
SetDIBColorTable
SetPolyFillMode
SetRectRgn
StartDocA

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ