45121850336a289c4cc184028d81288d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45121850336a289c4cc184028d81288d
Size

106KB
MD5

45121850336a289c4cc184028d81288d
SHA1

0a70d92cc1b28bee047b6158914ba72c2aae71d1
SHA256

bdd00f8489bdfb5d6cf1170cf227a265b754165db35937d0c96b8db4dda785bd
SHA512

6530a0f0c367e849c414f2e12b520281abfa8b1a9653f2b378107d9827c00a9bba2ffa78c9cd5cc707f9504460f1dd0f0704959591195a3c61ba5b512e8a7b38
SSDEEP

3072:50qN0XLZchs8O8klnQL3Rv/iK05KzvbYgO3:5HeXLZ7Q7nwEbYd3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45121850336a289c4cc184028d81288d

Files

45121850336a289c4cc184028d81288d
.exe windows:4 windows x86 arch:x86

edbb752039fdd6df50553ec737e381ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
lstrcpynW
VirtualAlloc
lstrcpyA
GlobalLock
GetModuleHandleA
GetCommandLineA
VirtualProtect
CloseHandle
GetTickCount
SystemTimeToFileTime
GetCurrentThreadId
GetUserDefaultUILanguage
LeaveCriticalSection

user32

GetIconInfo
GetCursorPos
SetThreadDesktop
MsgWaitForMultipleObjects
GetDlgItem
LoadCursorA
GetClipboardData

advapi32

CryptDestroyHash
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
CryptReleaseContext
CryptAcquireContextW

shlwapi

PathFileExistsW
StrStrW
PathMatchSpecW
wnsprintfW
PathCombineW

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 267B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE