044825a4f83128fce96bfd7d92ae9fa9 | Triage

Sharing

General

Target

044825a4f83128fce96bfd7d92ae9fa9
Size

88KB
MD5

044825a4f83128fce96bfd7d92ae9fa9
SHA1

216066c5796dd360e1b4db0173e44aec867f2486
SHA256

4a540ff1917370aadc7a5fc76eff415c413eb171e17440c2d1f0cb039af1690b
SHA512

61988c6c7992369e59a2e6d1bb28ceb03826ed1d1170f0ad0d4e6890e7ed3542ecb3f71ba688abb9de73462b90414c99a2c5ccf9810e139cc527e0a638fb64d6
SSDEEP

1536:osut1HT/v/IuyOG/35daEsi1CJcFXdcSj/wDDZXYPCM/AcVf+875r9/Ah:oPjL/IuyOGf5d8cFXWw41XYPCRA+8A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
044825a4f83128fce96bfd7d92ae9fa9

Files

044825a4f83128fce96bfd7d92ae9fa9
.exe windows:4 windows x86 arch:x86

0c12c1d512453ee9c2574ef52bc5167b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
VirtualAlloc
GetProcAddress

psapi

EnumProcesses

Exports

Exports

getBuss
getCuss
getMuss

Sections

.code
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 379B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE