46d0a036f364f018cc6901588c268259 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46d0a036f364f018cc6901588c268259
Size

127KB
MD5

46d0a036f364f018cc6901588c268259
SHA1

e361a143afc3b483a28e477fcf8657f1ba0a43fb
SHA256

0a7fa06d60afe74e42335a8bdfa01f6e3e707406d09c37d54eb81a2a64c8d103
SHA512

c9385a35f760674efa3b359e70db9e4b8efae8122e5a183b62a6c9baa08d5a64f27056e997e36a36b32a5a9968f0426d23d1287083ea5246e1e1215770ddc94e
SSDEEP

3072:gXPv90gUXxEZ9eiub2BOUjuGtUzeKiA2P7iSvhQToZSfsqgm2qvrsmJg:6tPE8hJKziA2jiSvKEUfNnTva

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46d0a036f364f018cc6901588c268259

Files

46d0a036f364f018cc6901588c268259
.exe windows:4 windows x86 arch:x86

bd227ba966c127e93fe82f25f211eaca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
HeapAlloc
GetProcessHeap
HeapFree

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 108KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ