41e5a5dab793c74e131b2ec313be492f84031bfc90a9a20ff3addb1b768b48ac[.]exe | Triage

Sharing

General

Target

41e5a5dab793c74e131b2ec313be492f84031bfc90a9a20ff3addb1b768b48ac.exe
Size

97KB
MD5

5b57ac4842220141fcf111864cb0ae70
SHA1

1d33474614f857342667eb4e85344adba6ee4e59
SHA256

41e5a5dab793c74e131b2ec313be492f84031bfc90a9a20ff3addb1b768b48ac
SHA512

d01049a835ccbb2524062b493bf12972e112fa59367a0de9d3a0a139ac0f5207e591b04783de927558b0169fde16ed071663c9c59b62d0c80151e3106ae45503
SSDEEP

768:7sT6mIV9UQ/r5LU31iBool1viTneodsAqqQBsyxcStEngPFoDVmMiWFPUSGqyD0S:QT4VVJUkk4z5s8pagFoDqsWqSn4aiu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
41e5a5dab793c74e131b2ec313be492f84031bfc90a9a20ff3addb1b768b48ac.exe

Files

41e5a5dab793c74e131b2ec313be492f84031bfc90a9a20ff3addb1b768b48ac.exe
.exe windows:5 windows x86 arch:x86

0c1587a5599ec2d0717124054f68a96c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

iphlpapi

GetAdaptersAddresses

shell32

ShellExecuteW

user32

EndPaint

ws2_32

WSAStartup

Sections

.MPRESS1
Size: 46KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE