46b679b230d51819bc9e63114e368fab3e24588423f8d7253e3c0fa0c1a8c400[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46b679b230d51819bc9e63114e368fab3e24588423f8d7253e3c0fa0c1a8c400.exe
Size

63KB
MD5

00c3beadf2ba1e98ddfe631b7e059150
SHA1

04d856d82006fd0ae2a95dfd754c9a6fa476e920
SHA256

46b679b230d51819bc9e63114e368fab3e24588423f8d7253e3c0fa0c1a8c400
SHA512

606b78dadec5d03737054cc701c10b9adb552dcea7ae29ac91134c352d408bf0ae85e6ea0a5dd15a7d92a2b8f2f5e1965e427aef61c896abfc2ffd7ddd01b561
SSDEEP

1536:ahGNU03HLO2PIzFV8ZO9ngCRvOxBMXZRq9GQU80sUxaSCXfOw:aW5lPQFV8Z4gCS2pRq9fUxYT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46b679b230d51819bc9e63114e368fab3e24588423f8d7253e3c0fa0c1a8c400.exe

Files

46b679b230d51819bc9e63114e368fab3e24588423f8d7253e3c0fa0c1a8c400.exe
.exe windows:4 windows x86 arch:x86

93aa10a3300d392a420f485de9ee4160

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemWow64DirectoryA
GetTempFileNameW
GetThreadSelectedCpuSets
BaseCheckAppcompatCacheWorker
RemoveVectoredContinueHandler
GetDllDirectoryW
CreateProcessA
CreateActCtxWWorker
GetCurrentConsoleFont

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE