548394bfc7149bdf27fd91075bee48f7 | Triage

Sharing

General

Target

548394bfc7149bdf27fd91075bee48f7
Size

124KB
MD5

548394bfc7149bdf27fd91075bee48f7
SHA1

9bb1e8a77e5d05f5259e6dba2c640d0373272036
SHA256

c34b97d632de9be43fac9937b370b49a26b7e420786e3f83901457bda63f5259
SHA512

188f9a9d77ab724511f367e3edeebabea259b2fd6c455c2cd202cd185518a0ba0ab2d0b84aad5c982d53d5f3ae94c99843ad7fcd7a1f4c47c41b703ac4053d3e
SSDEEP

3072:jLsALYwil+Jfw99DjPdyTfXHziqNz6yMVWtZd:nRpVw9qPdNz6TVEZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
548394bfc7149bdf27fd91075bee48f7

Files

548394bfc7149bdf27fd91075bee48f7
.exe windows:4 windows x86 arch:x86

951b6b0f85023c833a13a24d66ba6096

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommError
GetExitCodeProcess
ExitProcess
ClearCommError
ReleaseMutex
CreateMutexA
EnumResourceNamesW
QueryPerformanceCounter
CreateProcessW
ExitProcess
GetStartupInfoA
CreateFileMappingA
MapViewOfFile

user32

CharNextA
KillTimer
PeekMessageA
SetTimer
CharUpperA
PostThreadMessageA
GetMessageA
LoadStringA

rpcrt4

RpcBindingSetAuthInfoA
NdrClientCall
RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ