d450d566d094e7f362aa4e53710a1c21 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d450d566d094e7f362aa4e53710a1c21
Size

136KB
MD5

d450d566d094e7f362aa4e53710a1c21
SHA1

7f943f7d3fd86ea53fb4fa8e39b2672dbff6cee4
SHA256

26905ea01a941a8d347b1234636ba6bff3042ddec2696c5dc1a1661fda8c44ba
SHA512

fd8fe0fee4806a5388d1f7274596488533aea1815227de52807ead84c75090e443329e49ab5c574812684c485e1ab3ce4e5372dace98a79145861afeb7932a50
SSDEEP

3072:SHbL3KadRMsOS9h7aSEj2JFE60RdMfImgEkRuadwU6m7EpwhnTY/:SSazOS9h3ESbmdcIfEkMULEpp/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d450d566d094e7f362aa4e53710a1c21

Files

d450d566d094e7f362aa4e53710a1c21
.exe windows:4 windows x86 arch:x86

13bc3c3634f027036b1276085df23569

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

KillTimer
PostThreadMessageA
CharNextA
GetMessageA
SetTimer
CharUpperA
PeekMessageA
LoadStringA

kernel32

ClearCommBreak
CreateProcessW
CreateFileMappingA
ClearCommBreak
ExitProcess
CreateMutexA
EnumResourceNamesW
GetExitCodeProcess
ReleaseMutex
ExitProcess
QueryPerformanceCounter
GetStartupInfoA
MapViewOfFile

rpcrt4

RpcBindingSetAuthInfoA
NdrClientCall
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcStringFreeA

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ