512b46dfdf07780b72129319786534dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

512b46dfdf07780b72129319786534dd
Size

352KB
MD5

512b46dfdf07780b72129319786534dd
SHA1

4cc59c8fa5453ea655e1887a1eb013a29d921304
SHA256

ef371533222bb7cb31a128e335401f56c596064be35812d23fe95ac11c3d9edd
SHA512

e32c305dc226f3097133129b1abb09f89bf4c4480a4c5406d02f6e3956d8664bd1e4304ada80ae9ee6c361c328303750fe37630ed213371a3b657bb26cef58f8
SSDEEP

6144:+quntRO9yF3uzNtJjaj1pg42iLG1wgzxlYTyfSidHbOY/kXzjlsnSSg9u4bRG3:+q0tuyFgNPI1pt2iL+/3f17IzySA4bA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
512b46dfdf07780b72129319786534dd

Files

512b46dfdf07780b72129319786534dd
.exe windows:4 windows x86 arch:x86

364913198ea2336a08086dae6288069b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
FreeLibrary
GetProcAddress
EnumDateFormatsA
LoadLibraryA
WideCharToMultiByte
Sleep
GetFileAttributesA
GetTempPathA
GetTempPathW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess

oleaut32

LPSAFEARRAY_UserFree
CreateErrorInfo
VarUI1FromI1
GetErrorInfo
SetErrorInfo
VariantInit
SysFreeString

ddraw

DirectDrawCreateEx
DirectDrawCreate

Sections

.text
Size: 220KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE