49aedb3afe8ca955ba97237589dc1f5e | Triage

Sharing

General

Target

49aedb3afe8ca955ba97237589dc1f5e
Size

322KB
MD5

49aedb3afe8ca955ba97237589dc1f5e
SHA1

3b37705b1ca6d1444d659d3349b6454ee2ee1a84
SHA256

9aee56c7d1c5676e0adac02ca91123c16b45aff3de6ada34591ac75b4823eedb
SHA512

0c1718fb15436d6e6539db1829f8545f20320d09a50cb8daf19c6dfab131b4644cdc03503039352a140e28c07815a479c4987b1628c6e291e519d55c5e8c1339
SSDEEP

6144:2eEEHNlu3G4dMibXILNllDI14cxmx+qL+JX2Fz:2ejHNlEZOsWlDI1Rxmx+hmFz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49aedb3afe8ca955ba97237589dc1f5e

Files

49aedb3afe8ca955ba97237589dc1f5e
.exe windows:5 windows x86 arch:x86

74698de5ea87d58c32fe35829d034c3f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
GetDlgCtrlID
WindowFromDC
BeginPaint
GetClipboardViewer
EndPaint
SetWindowTextA
CheckDlgButton
GetWindowLongA
EnableWindow
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
RegisterClassExA

gdi32

CreatePatternBrush
CreatePen
DeleteObject
GetStockObject
SetMapMode
CreateEllipticRgn

ole32

OleIsRunning
OleGetClipboard
CoCopyProxy

oleaut32

VectorFromBstr

kernel32

GetDriveTypeA
InitializeCriticalSection
EnterCriticalSection
HeapCreate
InterlockedExchange
HeapAlloc
LeaveCriticalSection
DeleteCriticalSection
GetModuleHandleA
SetFileAttributesA
GetACP
GetLastError
HeapDestroy
HeapFree
GetEnvironmentStrings

Sections

.text
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ