44746c679345329a0891ac89179a239d

General

Target

44746c679345329a0891ac89179a239d
Size

252KB
MD5

44746c679345329a0891ac89179a239d
SHA1

b839fe4dff8c6b4cc3de1fd129fbec2195ee2552
SHA256

f66c143a7f9754d38c684e199ad736294b30888c01d1c4bbde32bef30049478b
SHA512

343b84caab3e652a10f076bf91e33ad3006a5a309f65f3cc0c183cfc70fe17219d4a23c923e8d5608e0d40f52ba12f17e4400f4fb5ea1dd409ec7723d377ae32
SSDEEP

6144:ZlE1GiTCDaIK/9YUDGJI59lbvit3KptKGLOSZJHmny:ZlEf2DaIK/91DGJI59lbvit3KvKNSZJx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44746c679345329a0891ac89179a239d

Files

44746c679345329a0891ac89179a239d
.exe windows:4 windows x86 arch:x86

93c64ccc0af4b417317774e7dae9cfcd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CloseHandle
GetModuleFileNameA
GetTempPathA
CreateFileA
GetTempFileNameA
SetErrorMode
FreeResource
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceA
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
DeleteFileA
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
GetLastError
FlushFileBuffers
SetFilePointer
SetStdHandle
ReadFile
GetFileSize

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93c64ccc0af4b417317774e7dae9cfcd

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 200KB - Virtual size: 196KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 200KB - Virtual size: 196KB