44913b5f341c97a4d9d8b52159257d8a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44913b5f341c97a4d9d8b52159257d8a
Size

172KB
MD5

44913b5f341c97a4d9d8b52159257d8a
SHA1

25cdb02489ba2779884bf2d17662c48e37efded5
SHA256

66b19464f5be1b39bd8eb17e84d9813a3fb3e6a7dd8f07a65fed0ef090bd9fec
SHA512

9b93c811b55b26d8afdb94297eb955b26b1c6379f6adc0ad48bb8cd3eaa1239be9416d71e90007b5d3c108dee2078787627972b85527bededbfed83dfb0ef1e7
SSDEEP

3072:NOIhKn4nQf3X0ovJoFfOesEgbnTm4I+LY1Ea+DrVjueY/m7z9E4HysaLsVY1/:YYKnPf3lQOeeI+LY1EjD8ReP9E4kLsVW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44913b5f341c97a4d9d8b52159257d8a

Files

44913b5f341c97a4d9d8b52159257d8a
.exe windows:4 windows x86 arch:x86

ac11178f510fc2d3394a38b825e9ff8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BeginUpdateResourceA
IsBadHugeWritePtr
GetDiskFreeSpaceA
GlobalSize
SetProcessShutdownParameters
CreateFileA
GlobalFree
FillConsoleOutputCharacterW
BuildCommDCBAndTimeoutsW

user32

DefWindowProcA
DdeKeepStringHandle
InternalGetWindowText
GetQueueStatus
UnloadKeyboardLayout
ActivateKeyboardLayout
GetMenu
GetWindowRgn
GetPropA
SetMenu
DdeConnectList
SetMenuItemBitmaps
InsertMenuA
LoadIconW

gdi32

CreatePenIndirect
LineTo
DeleteDC
SetBoundsRect

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE