49f8a1df4cdbfa0a41beba3d55fb2490 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49f8a1df4cdbfa0a41beba3d55fb2490
Size

18KB
MD5

49f8a1df4cdbfa0a41beba3d55fb2490
SHA1

6e6c6a611f54f429c8d908c61aad89b721545b1d
SHA256

bb04d8dee5a231b2338dc66bda551f61d94f6e398bd6e78b1fe8f35648877304
SHA512

87c25e6206ea0871eb00064c900dcf40ffb310f6a09a19040e42a2adf38dd02386ff762ed13d07796c50b2f5e4c1f22506cf2a93b0bcce5545d19c17ec07432d
SSDEEP

192:cJ5Udy4YQImUsPtoS7m6o4kELzkyFcbGMiNbelWFx1qzbH64y6xKSI3H01cE:cFBQJUsiS7RPDHfGRilCUqzba4oSIUc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49f8a1df4cdbfa0a41beba3d55fb2490

Files

49f8a1df4cdbfa0a41beba3d55fb2490
.exe windows:12042 windows x86 arch:x86

7c4353bf0a66cdb6a700c7547199a237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsIconic
DefWindowProcW
SetForegroundWindow
DispatchMessageA
PostQuitMessage
GetDlgItemTextW

kernel32

ReadFile
SetEvent
ExitProcess
GetACP
VirtualFree
VirtualAlloc
CreateFileW
GetCommandLineW
LoadLibraryA
HeapFree
GetModuleHandleA

advapi32

FreeSid
RegDeleteValueW
RegQueryInfoKeyW
FreeSid
RegOpenKeyExW
RegOpenKeyExW

gdi32

GetObjectW
CreateSolidBrush
CreateSolidBrush
GetTextExtentPoint32W
GetTextMetricsW
CreateCompatibleDC
CreateCompatibleDC
SelectObject

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ