464b011d529792cea5d8aa4acea334f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

464b011d529792cea5d8aa4acea334f9
Size

189KB
MD5

464b011d529792cea5d8aa4acea334f9
SHA1

24ad22948952387bb7f3cf6ac69b7d56da84cca4
SHA256

3fa59cdd943fa39071129bbfa42c0b80afa0374e77550f01c1d784404a63cdf9
SHA512

4ab15780cc2a2275a3c25810fdda18163d8e899432abde04d2c8cd8680384c038b540592a6d82844544a125d7754b28a4c6f8dd5a3767c706753ed7c0976543d
SSDEEP

3072:t3c3pyIQWxcY//TNk0EdxWmasAfk07m6QIzwFznyOpj7wT:t3c5jF/TNktasAs0UIzczn5pj7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
464b011d529792cea5d8aa4acea334f9

Files

464b011d529792cea5d8aa4acea334f9
.exe windows:5 windows x86 arch:x86

90d5426147a0c575b0e3c1eb3e586d02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AllowSetForegroundWindow
GetScrollPos
GetFocus
GetWindow
GetWindowLongA
GetCaretPos
OpenIcon
DefDlgProcW
EnableWindow
GetNextDlgTabItem
CharPrevW
AppendMenuW
SetCursor

kernel32

GetVersionExW
IsDBCSLeadByte
TlsFree
GetCommModemStatus
LoadLibraryW
SleepEx
ClearCommError
VirtualQuery
GetThreadPriority
DuplicateHandle
lstrcmpiW
GetProcAddress
SetCurrentDirectoryW

gdi32

Rectangle
GetObjectW
SetRectRgn
GetWindowOrgEx
GetPaletteEntries
DPtoLP
GetStockObject

Exports

Exports

?Dtnvkahvkycj@@YGXJ@Z
?dqoVhoaKjCmcopaP@@YGHPAEK@Z

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 814B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ