45ba9b4904be43433ea560714bd78c5e | Triage

Sharing

General

Target

45ba9b4904be43433ea560714bd78c5e
Size

98KB
MD5

45ba9b4904be43433ea560714bd78c5e
SHA1

d1a6801a1bc0889a4b3763aa58a4e28bfbb98af7
SHA256

7ded679ab1d2d0a97f431b69a4a5c7d7f9faeb083bfcc65806ec8e2b26e7429a
SHA512

f1fa550b76d3392eb29ffdc1dc285cf614c72b2346fd793a3aba0a2c49e3e09fd10d49a6fbe530079831bb24b942196934310ca9385baf00c37761b094060519
SSDEEP

1536:e5kYSG6V4aaYPzaaJw5AiJ6SdDu6ILxNCmm/xhHrP5f0ZX7/7GdqgMfAA+Kq3LEH:eqYb+aYLIuiJpCxNCV1rP5UB4tKMI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45ba9b4904be43433ea560714bd78c5e

Files

45ba9b4904be43433ea560714bd78c5e
.exe windows:1 windows x86 arch:x86

0e2df9d5c8a729a58b9a61da19227008

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClipCursor
CreateIcon
DdeNameService
EqualRect
FillRect
FindWindowExA
GetKeyboardLayout
InvalidateRect
IsWindow
IsZoomed
PostQuitMessage
TrackMouseEvent

kernel32

AllocConsole
BackupSeek
CancelIo
CopyFileA
CreateEventA
CreateFileA
DeleteFileA
FoldStringA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetFileAttributesA
GetLogicalDrives
GetModuleHandleA
GetProcAddress
GetThreadTimes
GetVolumeInformationA
HeapFree
IsBadStringPtrA
LocalAlloc
MoveFileA
OpenFile
Sleep
TlsFree
VirtualAlloc
lstrcatA
lstrcpynA

advapi32

RevertToSelf

Sections

.text
Size: 512B - Virtual size: 209B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.data
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 512B - Virtual size: 139B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.aspr
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ