48be30da30d4ec0ed000b964ec06e140 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48be30da30d4ec0ed000b964ec06e140
Size

279KB
MD5

48be30da30d4ec0ed000b964ec06e140
SHA1

a21d375e2ba402e703b42ff76a3f68789b38da17
SHA256

f73212fc03de0f9c93e8e7f37d70ca4854354d3fce2678a74d460b684ac868ff
SHA512

48b5a7d7c01ccdc3b7ad803852f8cc1c76a40da4311f120dbb72647d2abafa6b97ed885f623989552a331e0728ac29d59cbf19bd8bea6edc2ffcbe766c60e06e
SSDEEP

6144:1vehC9Z9tDoFTbYUqo4v3bSoImCoAUKbeNk9gdKXIxy0evC5NESU:1veh6joBY3aYKbeNk9RUy0ZtU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48be30da30d4ec0ed000b964ec06e140

Files

48be30da30d4ec0ed000b964ec06e140
.exe windows:4 windows x86 arch:x86

facabd2333aba07559cd3ee0a5502131

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
ReadProcessMemory
ResumeThread
VirtualAlloc
WriteProcessMemory
ExitProcess

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE