49759e32473a306b2680911b9d6f6f4d11a8e350e3f8e71a9dcd69e36fac15f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49759e32473a306b2680911b9d6f6f4d11a8e350e3f8e71a9dcd69e36fac15f5
Size

119KB
MD5

2ccb06f4b6a177bff78295a80d26de06
SHA1

28c09d6a6e25c75865b7df0575ad5fe21e3e8fce
SHA256

49759e32473a306b2680911b9d6f6f4d11a8e350e3f8e71a9dcd69e36fac15f5
SHA512

eb7c9a6bf51a198a38aa35f183c45a32d51baeebc6f30f0de52846ef09eb5e1f6f29687979cb894e22509414d0f5d629459333eefe372b3970c5a582be3ebcdc
SSDEEP

3072:FbDmLgOJx4EkRPTxj5pOUH6QqyXKVit3ute8CMYXR:F3mLgkARzpONfyaViwuvXR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49759e32473a306b2680911b9d6f6f4d11a8e350e3f8e71a9dcd69e36fac15f5

Files

49759e32473a306b2680911b9d6f6f4d11a8e350e3f8e71a9dcd69e36fac15f5
.exe windows:4 windows x86 arch:x86

d4f22dac4750181b71e1bd5b9235f4af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedPushListSList
GetFileInformationByHandle
UpdateCalendarDayOfWeek
GetOverlappedResultEx
PssWalkSnapshot
TransmitCommChar
TermsrvCreateRegEntry
GetLocaleInfoW
CreateThreadpoolTimer
BaseUpdateAppcompatCacheWorker

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE