49283006346a85337f8e1bebf3621e62 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49283006346a85337f8e1bebf3621e62
Size

163KB
MD5

49283006346a85337f8e1bebf3621e62
SHA1

2a66a1e518396ff2ae87c4e20da9d01bff3a9e6b
SHA256

15bc8959ec75624fa14fe8ab9df465f7129042cb43764850c1a583ad643e9182
SHA512

3737f9da564a5b2de9a6f396242ea1ba7436d00fecf95f70abad7d9257691128372a4dd26084062f14029ac3ebc67e7689b99d8cecc2c02f0193eabc9d242841
SSDEEP

3072:VdfpLVEfnOh2Xzt+Wc65EKPqoAdLj44vT3Cs1H:Vfm2h2XzkW95nqLjnTyqH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49283006346a85337f8e1bebf3621e62

Files

49283006346a85337f8e1bebf3621e62
.exe windows:4 windows x86 arch:x86

4c056020e6d80499240ea4a2c25911ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostQuitMessage
RegisterClassExA
SetMenu
MessageBoxA
ShowWindow
TranslateMessage
UpdateWindow
LoadMenuA
LoadIconA
LoadCursorA
GetSystemMetrics
GetSysColor
GetMessageA
EndPaint
DispatchMessageA
DefWindowProcA
CreateWindowExA
SetWindowWord
BeginPaint

kernel32

LoadLibraryA
VirtualProtect
Sleep
RtlMoveMemory
CreateThread
GetModuleHandleA
GetLastError
GetCommandLineA
ExitProcess

shell32

DragQueryFileA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 830B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ