46b078a085be1726c69d4d22011b9b3e

General

Target

46b078a085be1726c69d4d22011b9b3e
Size

18KB
MD5

46b078a085be1726c69d4d22011b9b3e
SHA1

f9a0242fd4ae35f76564f8661b62aafc7f834d4b
SHA256

7ca777367f99ba388dd685981eb2f6ed8a0fea56cefb530cddd29e10ec2ea501
SHA512

c4cec1c0691f9a1f04a8e85b38e284a587b52aefe7b635c4e7f59e2d1cff6fcbbbbc2aae2ca06e490a6845bc062075ca9a60a2801f17e6266f12d94af3e6d657
SSDEEP

384:L4iY2yJyPj/0ELIjXP1XR5OySZl/FrN6OJI339dHqhycAI0Mo4gL1o:L5yQ05P1Cyyl/FrNTI3DKYc1oXL1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46b078a085be1726c69d4d22011b9b3e

Files

46b078a085be1726c69d4d22011b9b3e
.exe windows:5 windows x86 arch:x86

2891272fedbbe72bd4b4bfd7e8c126d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

gmtime
_splitpath
_locking
getc
_open
towupper
sinh
_dstbias
_ecvt
__CxxFrameHandler

ole32

CoGetPSClsid
HICON_UserFree
CoGetObject
CoGetCallerTID
OleCreateStaticFromData
StgConvertVariantToProperty

advapi32

TrusteeAccessToObjectW
SystemFunction013
ProcessTrace
BuildTrusteeWithObjectsAndNameW
TraceEventInstance
AddUsersToEncryptedFile
OpenTraceA
AccessCheckByType
SystemFunction033

gdi32

AddFontMemResourceEx
GdiPlayEMF
ExtSelectClipRgn
ExtEscape
GetDIBits

kernel32

GetCommandLineA
GlobalAddAtomA
GetTempFileNameW
SetCurrentDirectoryW
LoadLibraryExW
GetModuleHandleA
CreateEventA
GetConsoleAliasesA
SetCalendarInfoW
GetStartupInfoA
Module32FirstW
SetHandleInformation
lstrcpyn
VirtualAllocEx
GetSystemPowerStatus

user32

SetWindowPlacement
SendIMEMessageExA
GetWindowLongW
FillRect
GetClassWord
CreatePopupMenu
DdeNameService
IsCharAlphaNumericW

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2891272fedbbe72bd4b4bfd7e8c126d6

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ole32

advapi32

gdi32

kernel32

user32

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 20KB

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 20KB