046436099f7db71d0dec3acf48b8d607 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

046436099f7db71d0dec3acf48b8d607
Size

49KB
MD5

046436099f7db71d0dec3acf48b8d607
SHA1

591785ae77373e83493b7b14a7b456198c409ed2
SHA256

08707739787f63fd4c5329445f2ac283889dbc8d17c8614e71820cb14fa2f69a
SHA512

463fa2637aae155ca10c9c827bad0fd5421ac9d34fe13e1485bfa40d9d8d0d043e75e1e4db289b569496939bcbd0fa2383678231dbdc27b95a57a43f6e48960c
SSDEEP

768:86BRtKS2W2LzoJ2h9O5RfH6sKomc83DxxN6bGUwU6VbT9vHJMxVD:86/tkWKHh05l3nmnB4AU6VbTZ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
046436099f7db71d0dec3acf48b8d607

Files

046436099f7db71d0dec3acf48b8d607
.exe windows:5 windows x86 arch:x86

d14631befb344019ecd6e14c48da12fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA

kernel32

WideCharToMultiByte

shlwapi

PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIW
wnsprintfW

user32

CloseDesktop
DispatchMessageA
EndDialog
GetClassNameA
GetForegroundWindow
GetKeyboardState
GetKeyState
GetWindowLongA
GetWindowThreadProcessId
LoadCursorA
OpenDesktopA
PeekMessageA

Sections

.wbajql
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zcf
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tqf
Size: 6KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ