4645113bbb13ca12d1c85d7c1c063fe7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4645113bbb13ca12d1c85d7c1c063fe7
Size

40KB
MD5

4645113bbb13ca12d1c85d7c1c063fe7
SHA1

e67df7ea80b92ffb3074179c1a0c28c063aaef00
SHA256

14d28939febd334b95a0ff5addb6d0bafec5a9a94f6737df691ccd40bad99872
SHA512

7ae6a630f035041630283f9a355b306e90baa9e4570cfd79aa5e6e303537d4edf2e84ed42b432f15b9650a9901cbbefac8d8bf2ebe3b9afb79c0ee28c1bcd5eb
SSDEEP

384:PJZky8jEhHSqecryUiRrnRUbEf5iYmPlMyScaxzErlrQ16c4fuXINKPv0lRx:PYyk2jO2ukYmOdcaxzErlr9uS48lR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4645113bbb13ca12d1c85d7c1c063fe7

Files

4645113bbb13ca12d1c85d7c1c063fe7
.exe windows:4 windows x86 arch:x86

e9fdb58f408b6dc7a97d73d4d78fd58e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
Sleep
GetSystemInfo
VirtualProtect
GetLocaleInfoA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetFilePointer
HeapSize
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
SetStdHandle
LCMapStringA
MultiByteToWideChar
CloseHandle

user32

MessageBoxA

ole32

CoUninitialize
CoCreateInstance
CLSIDFromProgID
CoInitialize

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE