44d416f8ebfbbe4fb52b4444d7e24ec6 | Triage

Sharing

General

Target

44d416f8ebfbbe4fb52b4444d7e24ec6
Size

162KB
MD5

44d416f8ebfbbe4fb52b4444d7e24ec6
SHA1

2e8f8748faebcbcb76ceb92a13cb3f9c8537efb7
SHA256

ac32a850727f2695d70cfd49f96eac07f7c95dedb3c2e57108bbcbe433cf0c74
SHA512

2635e1e87ae28c2e6d67f40b3183ea4ab93fa577570cb5a0547e09200210edce9da3033cec180ace7104117caacf22fa37c88e8bf7c92f6c34b1d4d94246e1e0
SSDEEP

3072:PvF2KGJb1yTHHJq0oKI7i5sdFKhfh/ZVY5Fphz808I1BAfgfmhrVQpzqx:V2DB1yTHXem5EEhfKQ0L1BLfm9VQpzqx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44d416f8ebfbbe4fb52b4444d7e24ec6

Files

44d416f8ebfbbe4fb52b4444d7e24ec6
.exe windows:4 windows x86 arch:x86

dca59c4f7827725ad37cbb439b67c1f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

user32

CharUpperA
GetKeyState
wsprintfW
MessageBoxA
wsprintfA
CharNextA
GetTopWindow
CharLowerA

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

SetEndOfFile
GetThreadIOPendingFlag
WideCharToMultiByte
CreateFileW
LoadLibraryA
CreateMutexA
InterlockedIncrement
TransmitCommChar
FlushFileBuffers
MultiByteToWideChar
GetTempPathW
SetStdHandle
EnumResourceNamesW
GetModuleFileNameA
InterlockedDecrement
GetProcAddress
FreeLibrary
CloseHandle
LoadLibraryW
ExitProcess
IsBadReadPtr
CompareStringW
GetLastError
CompareStringA
WriteFile
SetEnvironmentVariableA

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ