545fd9d12001e89c3d72baf46352cde8 | Triage

Sharing

General

Target

545fd9d12001e89c3d72baf46352cde8
Size

168KB
MD5

545fd9d12001e89c3d72baf46352cde8
SHA1

456f4ba5028a75fee0487bf9669a9c655ecc3dbc
SHA256

5166e1bac0dc7813b6a3602e0a1e22fff187b2a0630f28fa5bbd71f32ffe7581
SHA512

8aff48f327e15c069ea2dd7bd863b40233204533e66cdb21517845d90ae4bb0dbc962c55a3829af563eb39d2b2fe201a8c9a9633ebff3e70b854ef5c1845142c
SSDEEP

3072:ftVTXec7rzjAjUenxTD7yNfKwNUbOf0ZzOxpxbNfiNvRQjeAEcZAA90e+1uA0:fv3AjU41XwqbOfGa9bmvRqePcy0+19

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
545fd9d12001e89c3d72baf46352cde8

Files

545fd9d12001e89c3d72baf46352cde8
.exe windows:4 windows x86 arch:x86

22aa25a9dbb99211db866b1a30897dd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetModuleHandleA
GetFileSize
FlushInstructionCache
GetTickCount
VirtualProtect
GetLastError
GetProcAddress
LocalFree
LoadLibraryA
Sleep
LocalAlloc
ReadFile
VirtualProtect

user32

wsprintfA
wvsprintfA

Sections

)ujXm?c\
Size: - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

JbcIC7=0
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

XidTso:.
Size: - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BTb`e!GA
Size: - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

^;:]LVR=
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE