Static task: static1
Behavioral task: behavioral1
Sample: 45bd30cd71292da10c678bde4baa017e.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 45bd30cd71292da10c678bde4baa017e.exe
Resource: win10v2004-20231215-en
General
Target: 45bd30cd71292da10c678bde4baa017e
Size: 8KB
MD5: 45bd30cd71292da10c678bde4baa017e
SHA1: b35c0e5fdb54ec062694b721442afee42ccc0369
SHA256: 4cf4c60392b944a86e33f97a76fb1383785a84cbe13f9f265d03098cd641952e
SHA512: 7529db71b32e2c950d38c72010cbb6c082b678f022cd949dd91627801c883f397d06f7383cb547ac57ceee0587b10e383761820c0b34bd31f464c1f477a58ce6
SSDEEP: 192:l6n7zxQSBDmTgIqG/chaA3JDGzK3rn77S:l6neSs/chamrn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 45bd30cd71292da10c678bde4baa017e
Files
45bd30cd71292da10c678bde4baa017e.exe windows:4 windows x86 arch:x86
f06ed5cadfc1d5466f06bf6085b632a5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GlobalAlloc
LocalAlloc
LocalFree
ReadFile
RemoveDirectoryA
SetEndOfFile
SetFileAttributesA
SetFilePointer
Sleep
WaitForSingleObject
WriteFile
lstrcatA
lstrcpyA
lstrlenA
user32
wsprintfA
shlwapi
StrStrIA
StrRChrIA
StrToIntA
wininet
InternetCreateUrlA
InternetCrackUrlA
shell32
SHGetFolderPathA
ShellExecuteA
ole32
OleInitialize
CreateStreamOnHGlobal
wsock32
WSAStartup
closesocket
connect
gethostbyname
htons
inet_addr
recv
select
send
socket
Sections
.text Size: 6KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ