49ae8f81f37232e07df85eba32e7d730N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49ae8f81f37232e07df85eba32e7d730N.exe
Size

41KB
MD5

49ae8f81f37232e07df85eba32e7d730
SHA1

e5b12710f73a20396bd10a2ac65de24dae652342
SHA256

18f44efc25039ce307346b9b42a7a0f9a7e1591a5d87ebc48b21902b6ad51232
SHA512

77b77d5be690bc74feaeb58ea16cf2bab9b363f7217b0d7412f0588e0c292e8f6d28f53c3eac46181ca1f02cd9800d51a3e137d987032149fa6a107242ef03bd
SSDEEP

768:NqQoj/dSzNVQ1mDNJWbKEdBMQXQ3Cn4eQQbrcwxzhjP5v:MQoj/YNJcAQbTZxv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49ae8f81f37232e07df85eba32e7d730N.exe

Files

49ae8f81f37232e07df85eba32e7d730N.exe
.exe windows:4 windows x86 arch:x86

0c93a546ce014b95ee53a00e9f2ffe55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLastError
Sleep
GetLocaleInfoA
GetStartupInfoA
ExitProcess
RtlUnwind
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
HeapValidate
GetSystemTimeAsFileTime
GetFileType
GetStdHandle
GetCurrentProcess
DuplicateHandle
SetHandleCount
GetCommandLineA
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetConsoleCtrlHandler
VirtualAlloc
VirtualQuery

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ