Static task
static1
Behavioral task
behavioral1
Sample
c44866499806855801e2e7a55500045a.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
c44866499806855801e2e7a55500045a.exe
Resource
win10v2004-20240226-en
General
Target: c44866499806855801e2e7a55500045a
Size: 383KB
MD5: c44866499806855801e2e7a55500045a
SHA1: 613942fb964bcf4fa860131a128f8b3f6be1cab3
SHA256: 05ef36fa64ae5f2158558442254fdaa29874bfe2946ed337fe1ee535cb7df79a
SHA512: 27be188bd3112c71204708e461a8ab97227e1834e2fe2c676458ac50d13502ea20857b5383f0df2bbf3efb9dfc2ebe046df2d9e839f3acbe158cbab8fbdf27de
SSDEEP: 6144:oXYlZFbnPoZEdTRd2dl5pE3/c5joT4bX4O/uhlWLjJoxGq6IEnAAQPdZ0PxG:oXYXFbEEszqc5RbX4g2eFYGq66rPdZ04
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c44866499806855801e2e7a55500045a
Files
c44866499806855801e2e7a55500045a.exe windows:5 windows x86 arch:x86
4582ffdd7eb98cb63a937096204182b7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
GetCurrentProcessId
OpenFileMappingW
GetLastError
MapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetProcAddress
LoadLibraryW
Sections
.text Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xcpad Size: - Virtual size: 36KB
.idata Size: 1024B - Virtual size: 626B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 420B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 365KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ