48ad3f78cf3221abbe317e86791bc146

Sharing

Copy URL Twitter E-mail

General

Target

48ad3f78cf3221abbe317e86791bc146
Size

230KB
MD5

48ad3f78cf3221abbe317e86791bc146
SHA1

8f9230c6c0c0edbabe523c52f7796bc6fbd17800
SHA256

7bf3cfac7ea594da685503796e4f39ee81e3af49d0b2857fe51a75371bfaec6e
SHA512

61e0a6b927ad9e173310acbccce75ac1a7145f788c58497b56e30f41ad4cfde9dec00c3342585cdfcdb7e69d9b9209c0b11ac79c3fa77b632fe54d457fee1e92
SSDEEP

6144:9m4uY0Xp1kWP86Dexg+ZEQnCj1V0jrQqGYLuU:oPY05vP8a7GeV0jrQWL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48ad3f78cf3221abbe317e86791bc146

Files

48ad3f78cf3221abbe317e86791bc146
.exe windows:4 windows x86 arch:x86

372586bf58e75c55bb54f17153a423b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetACP
GetSystemDefaultLangID
GlobalAlloc
CreateEventA
VirtualAlloc
GetCurrentProcess
GetCurrentThread
GetVersionExA
GetCurrentProcessId
LocalAlloc
VirtualAllocEx
LoadLibraryExA
MoveFileExA
lstrlenA
LoadLibraryA
GetCurrentThreadId
GetOEMCP
GetLastError

shlwapi

PathIsDirectoryA
SHDeleteValueA
SHGetValueA
PathIsContentTypeA
SHDeleteKeyA

Sections

CODE
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

372586bf58e75c55bb54f17153a423b0

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

CODE Size: 71KB - Virtual size: 71KB

.data Size: 57KB - Virtual size: 56KB

.edata Size: 40KB - Virtual size: 39KB

DATA Size: 49KB - Virtual size: 49KB

INIT Size: 1024B - Virtual size: 660B

text Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 24B

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 6KB - Virtual size: 6KB

CODE
Size: 71KB - Virtual size: 71KB

.data
Size: 57KB - Virtual size: 56KB

.edata
Size: 40KB - Virtual size: 39KB

DATA
Size: 49KB - Virtual size: 49KB

INIT
Size: 1024B - Virtual size: 660B

text
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 24B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 6KB - Virtual size: 6KB