446ced2f443f2fa78426d8dce3da27a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

446ced2f443f2fa78426d8dce3da27a1
Size

300KB
MD5

446ced2f443f2fa78426d8dce3da27a1
SHA1

22dd5c705821f1804e637019b16c46030bc6bbe9
SHA256

b21c29b54fb55f6e9740061fc9e8cdffb6f129f9e8c51db818ff584f6e43d6c2
SHA512

db4a341e4cafef470fcc51ed9516367f0018d4656a97916c40e50156e84459b190593c6a4c7963724235a58731e8036dbde08adecb90ff666b85b5d8a13042c7
SSDEEP

6144:LIM3Pk9xOGX1cJ54bkPCQmTFNrf6gI6tmE:Lt8yGX1ai1XTfrf6gI6tm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
446ced2f443f2fa78426d8dce3da27a1

Files

446ced2f443f2fa78426d8dce3da27a1
.exe windows:4 windows x86 arch:x86

d9e2f6ae1a6c1b9b79fe61738165703a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
lstrlenW
VirtualAlloc
WaitForMultipleObjects
GetACP
DeleteFileW
FindFirstFileW
CreateFileMappingA
CloseHandle
SetEvent
WaitForSingleObject
GetModuleHandleA
GetStringTypeA
WideCharToMultiByte
EnterCriticalSection
CreateProcessA
GetCurrentProcess
GetExitCodeProcess
GlobalUnlock
GetVersion
GetCurrentThread
GetCurrentProcessId
GetUserDefaultLangID
GetTickCount
GetCommandLineW
GetCurrentThreadId
GetModuleHandleW
GetSystemDefaultLCID
GetLastError
GetSystemDefaultLangID
lstrlenA
GetUserDefaultLCID
GetCommandLineA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ