048428edc8772cca16b659dfa2fa379a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

048428edc8772cca16b659dfa2fa379a
Size

160KB
MD5

048428edc8772cca16b659dfa2fa379a
SHA1

2e1fa982e663ae9636ddb17a856682d46ce7702a
SHA256

dc3da1dfb802e8464e0f6cc92924bb39a82ce289e5815ffc681bd5ce592896b6
SHA512

55f4697db95a59481fed6fd360aa5620578c56156575ec2368a6e2fc2493639fb9afa9386ebde2a15198fe6521f535b5f65fb08fa92f550d38109497444985e2
SSDEEP

3072:JPhk1aminCTWYrx+CYvaK0iTjFPjEx2b6cCkAMvAd68C+KZ7PhARdgf6N:JPhuamiCiS+xaK5FPVbokAM41Nw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
048428edc8772cca16b659dfa2fa379a

Files

048428edc8772cca16b659dfa2fa379a
.exe windows:4 windows x86 arch:x86

93361f8c6c57c9899e28c079929db992

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc

user32

wsprintfA

Sections

=GktV R:
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

=2"vxhSY
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

-c##_t8U
Size: 4KB - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

C`ejWLPZ
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ