45e5772d66097750e5b11256a09c9147 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45e5772d66097750e5b11256a09c9147
Size

26KB
MD5

45e5772d66097750e5b11256a09c9147
SHA1

8fc039e4a23768521469378838f153a1f1520d59
SHA256

2587ef72309020a3e58e6f9889942d7b869829703bb7631aea9ae610a58e50d9
SHA512

4cf30fbf943dd3a9619c9987d6678d7f4a394fabda0867c63d1106086801a2a41c9ccedaf4fcb2ee6717b890864615aa5d7a1ebc94be1a6bfe4725434679feac
SSDEEP

768:43Cp1uytaR5HrkFuz06egHVp3m6j8qbodD:ICp1uyATkFuz0WHa6jrcdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45e5772d66097750e5b11256a09c9147

Files

45e5772d66097750e5b11256a09c9147
.exe windows:4 windows x86 arch:x86

802381b0ef9061ad357d2fb03ca9914d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenJobObjectA
FatalAppExitA
GetDefaultCommConfigW
GetProfileIntW
FreeEnvironmentStringsA
GlobalFindAtomW
GetConsoleKeyboardLayoutNameW
WriteConsoleInputA
GetShortPathNameA
CreateFileMappingW
ReadConsoleInputA

user32

GetWindowTextLengthA
CallWindowProcA
LoadKeyboardLayoutW
MessageBoxA
LoadStringA

gdi32

RemoveFontResourceExA
RemoveFontResourceExA
CreateDCA
GetOutlineTextMetricsA
GetICMProfileA
GetGlyphOutlineA
GetTextFaceA
TextOutA

Sections

.rdata
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fasm
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ