48f5168c2fd78707c205085bc8f7c13a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48f5168c2fd78707c205085bc8f7c13a
Size

636KB
MD5

48f5168c2fd78707c205085bc8f7c13a
SHA1

9cf0ce860b0f91a7bacc0ac1d4bb6327f40999ee
SHA256

c46be5070e7c5326984aaa6d9f27a9043e91df886de929d2904e9b3b52e69a08
SHA512

a204f09d6b142ef99e0496cf2a318699864b72a05b6c014a40eca322dbdf5e6ba68007157a31f304bb5f826f6310849fabf82d2532e0b3a00f1382e7f2a6f4b7
SSDEEP

12288:ECRkRofYD8W+gX9wG5zWT8InhEqgZ+grYOSgsYNiwm7G:EC2iU8W+geRT71gIwYO9xNiw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48f5168c2fd78707c205085bc8f7c13a

Files

48f5168c2fd78707c205085bc8f7c13a
.exe windows:4 windows x86 arch:x86

4d8e9e06f8e51550e3e5089179e9846d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA

Sections

Size: 458KB - Virtual size: 888KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 87KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ccg
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE