50a42b61fb0e8304e4642b6ea248fa34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

50a42b61fb0e8304e4642b6ea248fa34
Size

1.5MB
MD5

50a42b61fb0e8304e4642b6ea248fa34
SHA1

5c0dc3dfef1dbb6988b91becde72f292f55e8a14
SHA256

94e19e3dd88dcdd8c8499ef9b39c5174cda804c33fc9f548647f226d574c8d57
SHA512

85e9b572e10ec38fd29b1af048984e5285b3aa42a9083b404a760feee96f8fdfe4fe779298f4828b17e27240da4ea6bb1946a5a6cb7a42e817fa57e2e38c46d1
SSDEEP

49152:6iDhp2ozwwmD0z1EXGEdqrCCswDkJtwO9sj:rjmK0GprvBDk/wO9W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50a42b61fb0e8304e4642b6ea248fa34

Files

50a42b61fb0e8304e4642b6ea248fa34
.exe windows:4 windows x86 arch:x86

6eb7294892e908deaa0593ec123a5de8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
CreateWindowExA
DdeCmpStringHandles

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
lstrcpyA
Sleep

advapi32

RegQueryValueExA
RegSetValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex
GetErrorInfo

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

IsEqualGUID
CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

SHGetFileInfoA
SHGetSpecialFolderLocation

wininet

InternetSetOptionA

urlmon

CoInternetCreateZoneManager

winmm

sndPlaySoundA

shlwapi

SHAutoComplete

Sections

.text
Size: 22KB - Virtual size: 11.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE