462c611653734b0cedbdd4a2b615bb56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

462c611653734b0cedbdd4a2b615bb56
Size

464KB
MD5

462c611653734b0cedbdd4a2b615bb56
SHA1

595b99f0e785d23a10729616d6aa1d3728d24ba4
SHA256

c6ff5dd4016ad30b53d24ddde526316cbe4b872dddbe379cdc16479d7fdbde3d
SHA512

195c83c9e521f553983419d12f70596e73c65b01c20a8976d29b9349f6d4a258f4f4c9870af5c23371eef0fec8d0e4eb3a254445a13ca7b38167ebd681c7191e
SSDEEP

12288:Lt++kSStIrP0SOdHDb7cRHnL+TcqPURUeEIjE8I:x++kSSvDbeHgcqPPeEIjVI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
462c611653734b0cedbdd4a2b615bb56

Files

462c611653734b0cedbdd4a2b615bb56
.exe windows:4 windows x86 arch:x86

a9926979bfe776b50774fae97d5a3065

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetModuleHandleA
ContinueDebugEvent
CreateFileA
IsDebuggerPresent
lstrcmpA
WaitForDebugEvent
lstrlenA
FreeLibrary
CloseHandle
GetCurrentProcess
GetTempPathA
CheckRemoteDebuggerPresent
LocalFree
lstrcpyA
WriteFile
CreateProcessA
lstrcatA
GetProcAddress
LoadLibraryA
LocalAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.f0Gx
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 449KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ