4552f551d115e0bbbb5b74d8a764cd52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4552f551d115e0bbbb5b74d8a764cd52
Size

646KB
MD5

4552f551d115e0bbbb5b74d8a764cd52
SHA1

6e1a164b69c534ccd3278106f9a345aa80c9fabb
SHA256

556aceef6c3557074526e0124600251aa4abd2aa1f68f4b8351f0c196e191d59
SHA512

541a01c5af567037e82908b12c6478ded29d31cafa1f97f4a99fe49e04b9f87c3c96511b3ed41c06df04f4c678bce74826c7e4a30e6c68f5b36cea7205ef540f
SSDEEP

12288:3TTCo7E1K2lgWxYbLuhXIsgW5mblsw+LivGPOiw5GzMU6lvc7QLD+nuCuCvt4:3T21fgWIahh4lsw84GP3lzMhlvAmIMCO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4552f551d115e0bbbb5b74d8a764cd52

Files

4552f551d115e0bbbb5b74d8a764cd52
.exe windows:4 windows x86 arch:x86

46b0675c1fd7681c7b19a1c83d5aff83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 629KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asprsc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ