Static task: static1
Behavioral task: behavioral1
  Sample: 454495799dd4b500ee8d03c980c91613.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 454495799dd4b500ee8d03c980c91613.exe
  Resource: win10v2004-20231222-en
General
  Target: 454495799dd4b500ee8d03c980c91613.exe
  Size: 293KB
  MD5: 454495799dd4b500ee8d03c980c91613
  SHA1: 3c6f4981861cd9fc513d9d8cb3b6bacfdef80577
  SHA256: 8e0df8ad5cd022284317d00ebc70c1b16dc0e39165bab643483d045632dcf27c
  SHA512: feba76150e477a50045260f305ec7c7e509f2a4a8786e52a25f8a41a11601745e8d1aaba146db3d8bdcbb4d7cb9de6821b7dbb3a2243fa5f5aa6a123e3fe9fad
  SSDEEP: 6144:7FGNQU5lVYwct9RhasDeUMOvOojGgN/NjhGAZvsKKikCbxOoU02jh:7FGNVDYwcDRhaonWUIIRnZ1O73j
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 454495799dd4b500ee8d03c980c91613.exe
Files
454495799dd4b500ee8d03c980c91613.exe.exe windows:4 windows x86 arch:x86
50046044c950e0fba004603d5dbb228d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32
    SetFilePointer
    GetLocaleInfoA
    GetAtomNameW
    GetTimeFormatA
    GetConsoleOutputCP
    GetACP
    IsValidCodePage
    SetStdHandle
    HeapReAlloc
    TlsSetValue
    TlsAlloc
    VirtualAlloc
    TlsGetValue
    EnumResourceNamesA
    HeapSize
    MultiByteToWideChar
    FindResourceA
    WriteConsoleA
    GetDateFormatA
    RtlUnwind
    GetCPInfo
    GetOEMCP
    RaiseException
  occache
    FindControlClose
  shell32
    SHGetDataFromIDListW
    SHGetSpecialFolderLocation
    SHBrowseForFolderW
    SHGetDesktopFolder
    SHGetFileInfoW
    SHGetMalloc
    SHAppBarMessage
    DragAcceptFiles
    SHGetPathFromIDListW
    ShellExecuteExW
    ShellExecuteW
    Shell_NotifyIconW
Sections
  .text Size: 135KB - Virtual size: 262KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata Size: 1KB - Virtual size: 1KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data Size: 155KB - Virtual size: 154KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 512B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ