44bebd6899e69f1fbb46841d1e16857d7a61f96c1e11cba49e0f716594ec2a98 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44bebd6899e69f1fbb46841d1e16857d7a61f96c1e11cba49e0f716594ec2a98
Size

2.2MB
MD5

d1b4fd4402c5e75dd28e2f76306c848a
SHA1

1f7ebb40bfe33df6377dd6a41c42fb926287f39a
SHA256

44bebd6899e69f1fbb46841d1e16857d7a61f96c1e11cba49e0f716594ec2a98
SHA512

27886f394753304dbef56f2f186a5016af3e422487c2615f487f6bebf1a6c3009ba17c09ac733fffaf101636f83d0808d5503c7edee8fb99897dba3e7e919b30
SSDEEP

49152:TeF1xn14/x7HU54aHtALzrQ+nPD5c51SVaesuRw9i/J3snHU:S1xn1k7c4o6Lzt75c51SVaesZ9mJcnHU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44bebd6899e69f1fbb46841d1e16857d7a61f96c1e11cba49e0f716594ec2a98

Files

44bebd6899e69f1fbb46841d1e16857d7a61f96c1e11cba49e0f716594ec2a98
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

Start

Sections

Size: 591KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

abgotimx
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

joihzbpi
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE