50fccde9f2d3f840ef2fe2986238fd82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

50fccde9f2d3f840ef2fe2986238fd82
Size

123KB
MD5

50fccde9f2d3f840ef2fe2986238fd82
SHA1

f41daf736872572ca244236119cc9f29e9c69e50
SHA256

820bc921fd4e74eec11cfa1e18ff33269f2adfd907062b34e0fbbead7ceee885
SHA512

7b046da618d6d48528ce2545f3ce0502d35554b422a6601a3457267e2d4fd24bd4d0cd9bdd7306588c1b61fbf78cc1460b33f6a19f53fd2690d417c2593e15ff
SSDEEP

3072:geZRNiyi1eqhWv3qUOkwoL8Dl2xkqTr+OcjKtuHc5/SpZ:geZLcecHsxkYrMj30

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50fccde9f2d3f840ef2fe2986238fd82

Files

50fccde9f2d3f840ef2fe2986238fd82
.exe windows:4 windows x86 arch:x86

f64e5923fdfc0053856e60d265919335

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoReleaseMarshalData
CreateStreamOnHGlobal

shell32

SHGetFolderPathA
DragQueryFileA
SHGetDiskFreeSpaceA
SHGetFileInfoA
Shell_NotifyIconA

kernel32

IsBadReadPtr
GetStringTypeA
GetFileSize
GetModuleHandleW
GetCommandLineA
GetModuleFileNameA
GetCurrentProcessId
VirtualAlloc
WriteFile
GetCommandLineW
WaitForSingleObject
CreateEventA
lstrlenW
GetProcAddress
LoadLibraryExA
ExitProcess
GetModuleHandleA
GlobalAlloc

msvcrt

memcpy
tan
exp
strlen

comdlg32

GetOpenFileNameA
FindTextA
GetFileTitleA
GetSaveFileNameA
ChooseColorA

oleaut32

SafeArrayUnaccessData
OleLoadPicture
SysStringLen
SafeArrayGetElement
SysReAllocStringLen
GetErrorInfo

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 1024B - Virtual size: 898B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ