49d966db740bc7110f6b10985c43a771 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49d966db740bc7110f6b10985c43a771
Size

392KB
MD5

49d966db740bc7110f6b10985c43a771
SHA1

d20a005cda18dc5b282180bdd237a67086f3ca46
SHA256

138224ff88d44a33710e214d744525ea46582e2dea78a9b8bab2990effeb732d
SHA512

cd1b9f8d8bfa9a34575b99e434fa3b506c20767f469c5bfb1c3dcfc58662e234105a810635cf5d02ccc32e739ec0287f972b7df60b90632e5eb9b05cae311cbf
SSDEEP

6144:hmUkqkFwzgVq767LkLbv1P/AxrvNCBeq0fG5bfAYSR6VbysZk1dWyRr3ddn3:fCJibvNYJbxYYgbRke6Dj3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49d966db740bc7110f6b10985c43a771

Files

49d966db740bc7110f6b10985c43a771
.exe windows:4 windows x86 arch:x86

30d5b2eaf8ac860e743327a3aeb53740

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
SetLastError
ExitProcess
GlobalFree
HeapDestroy
CreateFileA
FreeConsole
FreeEnvironmentStringsA
GetACP
Sleep
LocalUnlock
LoadLibraryExA
CreateMutexA
GetModuleHandleA
SetVolumeMountPointA
UnmapViewOfFile
GetLastError
TlsGetValue
HeapCreate
FindClose

user32

GetDlgItem
DrawEdge
CallWindowProcA
DefWindowProcW
FillRect
CopyRect
GetIconInfo
GetFocus
DispatchMessageA
GetDC
DrawMenuBar
CheckRadioButton
IsWindow

uxtheme

GetThemeRect
GetThemeSysInt
DrawThemeIcon
DrawThemeEdge
DrawThemeText

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ