49532d6e1754a875040fa34feb601033 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49532d6e1754a875040fa34feb601033
Size

312KB
MD5

49532d6e1754a875040fa34feb601033
SHA1

877658160edda6243abd5fe8fc39e8870f0bbb94
SHA256

a4ed203e1f0de3e55b392c077d6253bf5e6519ac1eab63e3db06eb83234acaa3
SHA512

2af2fd4223d4688a4000060cd10705bcc8165ae4f0a1f3d8281c2d2b894f5b8d4e97e5c531f7ffbd61562dce4a599371f956b1b869ca1b39befd81a9d0fa5d0c
SSDEEP

6144:0fMia51CW1pQr5J54U8qa1iNb1/O2NkAtsTMT4PWp/:/Z51dgJ/2A1O2Nk9To4K/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49532d6e1754a875040fa34feb601033

Files

49532d6e1754a875040fa34feb601033
.exe windows:1 windows x86 arch:x86

abdcc5b65637d41529532d3e399f95bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CopyFileA
CloseHandle
CreateProcessA
DeleteFileA
CreateFileA
GetModuleFileNameA
GetModuleHandleA
SetFileAttributesA
WaitForSingleObject
WriteFile
ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 305KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ