488938f9fbce398d19e4f086aa355b5e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

488938f9fbce398d19e4f086aa355b5e
Size

79KB
MD5

488938f9fbce398d19e4f086aa355b5e
SHA1

632e1336649785797eb6a7149ddf755016aa5936
SHA256

45f52a9a085b25c5ea4a64835c75ef93c8cb603dc985783c2b2de9901be08bba
SHA512

02b93bf0bf08b25f32a2d8b05b71bcf72bb4a3eb55d79ee532ba5eb7a47e11dc1a86a667ff36a03c2ba9828b1fe89aa94e2a242884967ac58e0d3da6c8b72d8f
SSDEEP

1536:Vlxb/UyTDhuIMMV7mTYTk2s45t4Ujxl4m2TKD8wF:SyDhuIxVSYY/+tN4m2TTU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
488938f9fbce398d19e4f086aa355b5e

Files

488938f9fbce398d19e4f086aa355b5e
.exe windows:5 windows x86 arch:x86

bf8119083ea39c53d9a332152cf48fc8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetCurrentThreadId
LoadLibraryW
QueryPerformanceCounter
VirtualAlloc
FreeLibrary
GetModuleHandleA
DisableThreadLibraryCalls
GetProcAddress
GetCurrentProcessId
GetSystemTimeAsFileTime

atl

AtlMarshalPtrInProc

ntdll

NtAddAtom

Sections

.textbss
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ