44aff363646429325be5c3f8745a6750N[.]exe | Triage

Sharing

General

Target

44aff363646429325be5c3f8745a6750N.exe
Size

39KB
MD5

44aff363646429325be5c3f8745a6750
SHA1

3d998719e90454331751c4057908862c876d8701
SHA256

bb98ae1ad2131bd43ea983a32c7f95d7a17a647ab5b143aa2143e1eefd8fb682
SHA512

d2161979a58c5f9bce92f28593522ea9c0db3cbc997780bc053117cced568b1d4db42c276a2b61607e8fa5dfa249bceaaee3f87fdc4142a4524cd99a26606ab0
SSDEEP

768:EXgqefjKf3Z6qSRnzpdwT1RIj1egKRFXSp/Dfm982r7D7:QgqeGB6qAnzpdw5Y0wLm9hH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44aff363646429325be5c3f8745a6750N.exe

Files

44aff363646429325be5c3f8745a6750N.exe
.exe windows:4 windows x86 arch:x86

5b4e734e734027217722fe4eb0093f3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

FreeSid

shell32

ord680

wininet

InternetOpenA

Sections

.MPRESS1
Size: 34KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE