46a5c28abff84b81eff6b2a9a3496b4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46a5c28abff84b81eff6b2a9a3496b4f
Size

180KB
MD5

46a5c28abff84b81eff6b2a9a3496b4f
SHA1

496a4f6ee6a59b5b158a934e5fe4e2982b959053
SHA256

6a6bf4a1e6b9a8c5d25bbf26b87ae638d866cc4bfcb4ede89e998ce469d8e38d
SHA512

10785c02da0830a14f95b8502380e045b7584fd3c602989a7397ca4ec7e903eb66a27d5b182aaedfc5135a843b4e2b077331a4baa6da0a9d8a1462e7c6338b4c
SSDEEP

3072:eJhfPIb2xL37/u3sNFlKTMHvWeVPOsuZx2w0bKt8OvjED2zeeErGyDfgIeDJ5Hc:an1L2834+WeVPOGQ8OrED2zIGyDfg+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46a5c28abff84b81eff6b2a9a3496b4f

Files

46a5c28abff84b81eff6b2a9a3496b4f
.exe windows:4 windows x86 arch:x86

738a84993732ed40f32b9c6dbbcb0ee8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
LockResource
FreeLibrary
GlobalGetAtomNameA
GetVersionExA
FindFirstFileW
DeleteCriticalSection
GetVersionExW
LoadLibraryA
LoadLibraryW
GetProcAddress
MultiByteToWideChar
Sleep
MulDiv
EnumResourceTypesW
GetModuleHandleW
InitializeCriticalSection
FindClose
GetPrivateProfileStringW
LoadResource
GlobalSize
IsDBCSLeadByteEx
lstrlenW
GetModuleFileNameW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetLocaleInfoW

wininet

HttpOpenRequestA
InternetCrackUrlA
InternetCloseHandle
InternetConnectA
HttpQueryInfoA
InternetOpenA
HttpSendRequestA
InternetTimeToSystemTime
InternetErrorDlg
InternetReadFile
InternetTimeFromSystemTime

shell32

SHGetImageList
SHFileOperationW
ShellExecuteW
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteExW
CommandLineToArgvW
ShellExecuteExA
SHGetPathFromIDListA
SHGetFolderPathW
Shell_NotifyIconA

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ