c47f41548b3cf6c4f2e2dc8e8f364c1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c47f41548b3cf6c4f2e2dc8e8f364c1a
Size

169KB
MD5

c47f41548b3cf6c4f2e2dc8e8f364c1a
SHA1

e26d344f92873b6e22726ba440b0ca627ebc5cfa
SHA256

14fda609a542c14825f89ebc47efc999b55a175e84142c517f8a99f971af8119
SHA512

8a1a1fda2379e3f0b2739dc5991e17e1e037c63421ed112a10f35ba17f7947a7b3d49623417204aae0dbbf1de030c0e4c6f4d8dfc4476c4c98ecb704255db415
SSDEEP

3072:LgGyCnSIpHB5Up7YzdVbGwiPgB4iEm6sHs8FE5urPGFtIFXA+uZM:LLyvIHbZ1V6icsaFt0XA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c47f41548b3cf6c4f2e2dc8e8f364c1a

Files

c47f41548b3cf6c4f2e2dc8e8f364c1a
.exe windows:4 windows x86 arch:x86

330c78e2dd89a8c0fd323e266373b5f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashW

winmm

mciSendCommandW
sndPlaySoundW

setupapi

CM_Get_Depth_Ex
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

AddAtomW
TlsFree
GetModuleHandleW
FlushFileBuffers
GetModuleHandleA
CreateFileMappingA
TlsSetValue
WriteConsoleW
GetVersionExW
GetLastError
GetEnvironmentVariableW
SetLastError
HeapFree
TlsGetValue
GetProcessHeap
EnumResourceNamesA
GetProcAddress
LoadLibraryExW
HeapAlloc
CreateFileW
MapViewOfFile
CreateFileA
InterlockedIncrement
IsBadStringPtrW
TlsAlloc
GetTempPathW
GetConsoleMode
ExitProcess
GetVersionExA
UnmapViewOfFile
GetConsoleCP
InterlockedDecrement
Sleep

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ