48f788f98ddde229dbd50f6c664be4c8eaaf8a38d7f171b1819a8be96fd34661 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48f788f98ddde229dbd50f6c664be4c8eaaf8a38d7f171b1819a8be96fd34661
Size

3.0MB
MD5

8f687e5f2ea27d0f8e038c1629bad7da
SHA1

5e2fe6862ab36b9ee758a0de69188b4dd6ad0bb2
SHA256

48f788f98ddde229dbd50f6c664be4c8eaaf8a38d7f171b1819a8be96fd34661
SHA512

f872caf0a9678bc569e0e974efd6bcfde52df85e425d7e70325e8075e976938415a249e45e9f1931471b28ae8a5577a36ca1a9815feb3496633a441c1b90d530
SSDEEP

49152:jQdN4YQz03g3+BA8+bIcrJYDqKnUQ3alRa9mC:cdeYfwOBA8+bIcrKDqKnDqlRa9t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48f788f98ddde229dbd50f6c664be4c8eaaf8a38d7f171b1819a8be96fd34661

Files

48f788f98ddde229dbd50f6c664be4c8eaaf8a38d7f171b1819a8be96fd34661
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 570KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xpurksha
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zisdluxr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE