Static task
static1
Behavioral task
behavioral1
Sample
45670310970d8e8b24c7c741e5f3eaff.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
45670310970d8e8b24c7c741e5f3eaff.exe
Resource
win10v2004-20231222-en
General
Target
45670310970d8e8b24c7c741e5f3eaff
Size
176KB
MD5
45670310970d8e8b24c7c741e5f3eaff
SHA1
b2ca4cc224009e5b4a0ad1f3f6b752da49d96616
SHA256
fe39ecd2fcadad54361cc476b9f02366cdd1096ff0e80affdf0716342a6b95c4
SHA512
afc58a17e5b92dd1381dadde98a4edb9fcaddc0e61a76f1066dccc48623b5b234a535b5cdbcffbe4ed84f3b00299ed6106d46df95bcf39c010e3b5d89513d848
SSDEEP
3072:K8xDtAjvmJ4cE0K1qcAN7rp0UPpg9DdpA3KwLzC4tOHDkHTSAB1:VxKTpcFFVNq9DbA66zWwO4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 45670310970d8e8b24c7c741e5f3eaff
Files
45670310970d8e8b24c7c741e5f3eaff.exe windows:4 windows x86 arch:x86
6a5b27dd0d4df618448d4919e93da21a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvfw32
ICOpen
ICSendMessage
ICClose
ICDecompress
kernel32
GetLongPathNameW
GlobalFree
LoadLibraryW
SetThreadContext
GetModuleHandleW
CreateFileW
EnumResourceTypesW
GetProcAddress
CloseHandle
ExitProcess
GetLastError
GetCurrentThreadId
UnhandledExceptionFilter
GetCurrentProcessId
GetVersionExW
advapi32
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegSetValueW
user32
PostMessageW
GetClientRect
SetRectEmpty
SetCursor
AdjustWindowRectEx
InvalidateRect
GetWindowPlacement
FillRect
Sections
.text Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 74KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ