45ccf05b90654ef209bc0126cbc1a914 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45ccf05b90654ef209bc0126cbc1a914
Size

56KB
MD5

45ccf05b90654ef209bc0126cbc1a914
SHA1

0f2678ce9af06293c2ecd99de483cf7606eee449
SHA256

226214cd09ba6d2f136c1b65040f34a7a9f9910b01d0a97f7a9b4b83f3a1d0b9
SHA512

f6b718949d347b493a5d08c3a0e30a35ac146e3ae43a9559e60eddc1f4023efa7fe223beedf6e77a86f0a576b297a04fa680156af76ecde44069ce049cc82212
SSDEEP

768:7stXCxJPLcvhRyDOSVWcJM37vxr6VIc6Ul3TCBKg73u01bJvI1yC:7stXCxJPLcpYDrVWc6h6/B3+BKg6yC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45ccf05b90654ef209bc0126cbc1a914

Files

45ccf05b90654ef209bc0126cbc1a914
.exe windows:4 windows x86 arch:x86

0b95e36d2607e87e16065f8211d13e87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
LoadLibraryA
ReadProcessMemory
ResetEvent
SizeofResource
GlobalAddAtomW
LoadResource
GetCurrentProcessId
FreeResource
CreateThread
GlobalAlloc
GetFileAttributesExW
CreateEventW
GetPrivateProfileStringW
SetThreadPriority
GlobalLock
GlobalDeleteAtom
FindFirstChangeNotificationW
GetLocalTime
GetProcAddress

user32

SetWindowTextW
RedrawWindow
GetDlgItem
GetWindowTextW
UpdateWindow
DefWindowProcW
CreateWindowExW
SetCursorPos
PostQuitMessage
LoadCursorW
GetClassNameW
LoadImageW
GetWindowRect
wsprintfW
LoadStringW
LoadBitmapW
VkKeyScanW
SetForegroundWindow
ReleaseDC

gdi32

CreateICW
CreateDCW
CreatePen
GetMapMode
StretchBlt
GetDeviceCaps
LineTo

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE