Static task: static1
Behavioral task: behavioral1
Sample: 491d9cfaa7e1f021bb122f5dcc74cd4f.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 491d9cfaa7e1f021bb122f5dcc74cd4f.exe
Resource: win10v2004-20231222-en
General
Target: 491d9cfaa7e1f021bb122f5dcc74cd4f
Size: 290KB
MD5: 491d9cfaa7e1f021bb122f5dcc74cd4f
SHA1: 6b8dcfc7cd9fd68e3bcdae3ddf31f20bfafd7105
SHA256: 08c940f10e7f27cbeb1647bb5b73f465e82484c6c31023ec7e708217bdba7fda
SHA512: bf30194feb309e44103412f3ba5343fc4553c81642c5cd6c0f9500bb86df0f4d062c8e1b6805b3f3fb4324e925b35b986dcbbc6e1c70bef3f55bc3acf4752ea5
SSDEEP: 6144:4FxLYhLCTmBXkIXYMREDWx7cYTVrO/fHRCw2niPMMFsCsrJAJm2ca1aO/r/:uL4CTmB0IXtRyCQ2BOHQiJFayJTzT/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 491d9cfaa7e1f021bb122f5dcc74cd4f
Files
491d9cfaa7e1f021bb122f5dcc74cd4f.exe windows:5 windows x86 arch:x86
f8f2bb0fb6528f30261427b1aeb5fbfd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetWindowTextA
IsCharAlphaNumericW
OemKeyScan
SetWindowPos
ValidateRect
SetClassLongA
GetActiveWindow
ole32
OleGetAutoConvert
CoLoadLibrary
OleLockRunning
kernel32
GetCurrentProcessId
SizeofResource
SetFileAttributesA
HeapDestroy
GlobalUnlock
GlobalLock
LocalAlloc
HeapCreate
GetStartupInfoA
LocalFree
GetUserGeoID
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
FreeLibrary
GetProcAddress
Sections
.text Size: 264KB - Virtual size: 264KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ