46fe0988f83c896697a88d978569f2b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46fe0988f83c896697a88d978569f2b0
Size

143KB
MD5

46fe0988f83c896697a88d978569f2b0
SHA1

1f82f9c69d17e14f40329f3e97f9842ba3aed833
SHA256

d484737cc824f7f31c08101c6ee11fd83c97ddffcc70e4a98e2cd8f94f7b144a
SHA512

8a2149af2fdf738ef29fba85d130d1637f683157aeb7237796079ed5ebd46af74ec2e3f638e7efb02619aea3e906a985321c11e8f7edf469a0efb17fc04dacd4
SSDEEP

3072:Oymc8EJbhEE+mGDH+8y/ZaY+CFPaBcsDIAzAsbUJ8La:OvUt+mGDi9P+zkAzAsbpL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46fe0988f83c896697a88d978569f2b0

Files

46fe0988f83c896697a88d978569f2b0
.exe windows:4 windows x86 arch:x86

f41be45b7aaedcbbbf301befa5a77f10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FreeLibrary
GetLastError
CreateFileA
LoadResource
GetTempPathA
GetTickCount
WinExec
lstrcmpiA
GetVersionExA
ReadFile
GetModuleFileNameA
CreateProcessA
DeleteFileA
GetSystemDirectoryA
Sleep
CreateThread
GetStartupInfoA
OutputDebugStringA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
CloseHandle
CopyFileA

user32

RegisterClassA
CreateWindowExA
UpdateWindow
GetMessageA
LoadIconA
DispatchMessageA
PostMessageA
DefWindowProcA
DestroyWindow
PostQuitMessage
TranslateMessage
wsprintfA
ShowWindow

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
StartServiceA
OpenServiceA
OpenSCManagerA

shell32

SHGetSpecialFolderPathA

msvcrt

__setusermatherr
_initterm
__getmainargs
_acmdln
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_mkdir
exit
_XcptFilter
malloc
strlen
sprintf
memset
rename
fclose
fwrite
fopen
strcat
_access
_except_handler3
??3@YAXPAX@Z
??2@YAPAXI@Z
realloc
strchr
strcpy
_exit

shlwapi

PathFileExistsA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ