49cf267ae21ab45cb6c5a35cf5cf5e75 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49cf267ae21ab45cb6c5a35cf5cf5e75
Size

12KB
MD5

49cf267ae21ab45cb6c5a35cf5cf5e75
SHA1

91f0dc6285479db280454812cc98dce3e68f1787
SHA256

a5acc36d753e2a63394e9db37e237e5858d0559c1181bd8f1ea16c6e1b1a23a9
SHA512

0f6c3ee7a0328aeba15cafaa477584a16d5459c714f90bcaf0ff33e5682f6841f3b4829c4e35392b13af63ae1510c4669dd41cf3d9e87df939c043715229d886
SSDEEP

192:w9OPNPB7FqGAIh41WuySTnHPo2esoMeCvd3tAoceYq6qJjF7e:zzq8h4b5nHFesDeC19Apq6qve

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49cf267ae21ab45cb6c5a35cf5cf5e75

Files

49cf267ae21ab45cb6c5a35cf5cf5e75
.exe windows:1 windows x86 arch:x86

871beadaf63724bf2eb41f4bc0275000

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
CreateThread
CreateMailslotA
CreateWaitableTimerA
EnumDateFormatsA
FindAtomA
FindFirstFileA

msvcrt

strpbrk
setbuf
wcschr
rewind
pow
wcslen
wcstod

Sections

.text
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE