0453cad62e58194c7299a7120d2f59aa | Triage

Sharing

General

Target

0453cad62e58194c7299a7120d2f59aa
Size

415KB
MD5

0453cad62e58194c7299a7120d2f59aa
SHA1

527f28420e533ccb8a4a0a3d69bb85599ad7b3be
SHA256

9c461ce5caecca95c4c906bd250a6d9eb7db06c15238f5d9d0a12daaa29972b9
SHA512

70e805d3f1495f3ce1293d9c2cf121f592c1727836116f942e523c2b3ff14d91c9b3fb939c27aa4b01887be55c5bb2c892dd7383a3d0484ef471b3079e3d36c4
SSDEEP

6144:puloH2MBeR62IhYWgND7C0/MqtvJWrDqbuGJcGIeLZrWzZxrQijDJmt454az915h:Al6m62IhYW+RtvJWn5mZiFxlDktQkp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0453cad62e58194c7299a7120d2f59aa

Files

0453cad62e58194c7299a7120d2f59aa
.exe windows:4 windows x86 arch:x86

c55d58516ab8b94df1945dd02ca3b318

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

Sections

PEncrypt
Size: 407KB - Virtual size: 464KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE