046398199068316b4aa6f7b4020e25bc | Triage

Sharing

General

Target

046398199068316b4aa6f7b4020e25bc
Size

50KB
MD5

046398199068316b4aa6f7b4020e25bc
SHA1

1bfa887ab60a63490513588ff65d2ae316bff8d6
SHA256

456e0dc6809f66426017bc77cbec273d58edee5f29dce6bc0f535069186dfdaa
SHA512

ceb33292ce02dfeb43b7dd9d67e1b5137edc8d2d1bc910ae5a94d0781a3d83bc06a365ba120b6c5aa9fdc4398aee24295ff4ce219c4329eea03c551bd3d69fda
SSDEEP

1536:gqtfmz0eanetwRw0wzouVNB+NncT4UPDGhLBC:dfmz0eFtwugnc8dhL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
046398199068316b4aa6f7b4020e25bc

Files

046398199068316b4aa6f7b4020e25bc
.exe windows:4 windows x86 arch:x86

3ec33d25cbc7cdedbb20cd7a125716dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
GetVersion
GetTempPathA
GetCommandLineA
GetSystemTime
lstrcpyA
lstrcatA
GetLastError
GetProcAddress
ExitProcess
VirtualAlloc
CreateFileA
GetTempFileNameA
GetLocalTime
lstrcmpA
LoadLibraryA
lstrlenA
OpenMutexA
lstrcpynA
FindAtomA
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
GetTickCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
VirtualQuery
GetVersionExA
RtlUnwind
IsDebuggerPresent

user32

DialogBoxParamA
LoadIconA
GetFocus
SetWindowTextA
IsWindowVisible
EqualRect
GetCaretPos
GetWindowRect
wsprintfA
InflateRect
ClientToScreen
SetClassLongA
EndDialog
GetDesktopWindow
GetCursorPos
SetDlgItemTextA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ