46088949f74d1723328dd95276c1c680N[.]exe

General

Target

46088949f74d1723328dd95276c1c680N.exe
Size

32KB
MD5

46088949f74d1723328dd95276c1c680
SHA1

90e55295dbbc0ef25ff4d68a296b9b6d56bd624d
SHA256

45be7efd13602d8385df11e31ea41784f71b0d25faa08b7e6536dc55bd9d1563
SHA512

8d6e5ce36db1c90b4cc38c6c844e2d3208ca8da83882d4221eec2b093546baf6619146a70d98ab64adfd15706bac1cbdcf3bff783ce1eab0eee9ee79642328a9
SSDEEP

384:gbPCcid30Dlem1041lhOPKlgmbcmN6NCX5Bne0WqpsRWSWRb6qJQfN:yPCcid3FmWTIVhNi4DPvpEzW96UQfN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46088949f74d1723328dd95276c1c680N.exe

Files

46088949f74d1723328dd95276c1c680N.exe
.exe windows:5 windows x86 arch:x86

a89aa3dae89e01a1b6cab38a257d89d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
DllInitialize
GradientFill
vSetDdrawflag

user32

wsprintfA
SetCursorPos
IsWindow
GetCaretPos
CreateWindowExA
IsDialogMessageA
DrawIcon
GetPropA
GetWindowLongA
DispatchMessageA

mprapi

MprInfoBlockFind
MprAdminConnectionEnum
MprAdminDeviceEnum

modemui

InvokeControlPanel
drvCommConfigDialogA

kernel32

GetDateFormatA
GetProcessTimes
GetCurrentProcess
LoadLibraryA
GetCurrentDirectoryA
DeviceIoControl
CompareStringA
GetTimeFormatA
GetAtomNameA
GetConsoleTitleA
SetFilePointer
UpdateResourceA
GetComputerNameA
ReadConsoleA
GetProcessHeap
GetStringTypeA
GetVolumePathNameA
ReadFile
GetProcAddress
SetEnvironmentVariableW
CloseHandle
GetBinaryTypeA
GetGeoInfoA
GetConsoleAliasW
GetPrivateProfileIntA
CreateDirectoryA
GetTickCount
WaitForSingleObject

certcli

CACloseCertType
CAEnumFirstCA
CACloseCA
CAEnumNextCA

wtsapi32

WTSVirtualChannelOpen
WTSSetUserConfigW
WTSWaitSystemEvent
WTSVirtualChannelClose
WTSQuerySessionInformationA
WTSSendMessageA
WTSEnumerateProcessesA
WTSOpenServerW
WTSFreeMemory
WTSQueryUserToken
WTSVirtualChannelPurgeInput
WTSSetSessionInformationA
WTSVirtualChannelWrite

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a89aa3dae89e01a1b6cab38a257d89d8

Headers

DLL Characteristics

File Characteristics

Imports

msimg32

user32

mprapi

modemui

kernel32

certcli

wtsapi32

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 155B

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 155B

.rsrc
Size: 21KB - Virtual size: 21KB