45628267f31b3a7119927d08ba5c8700N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45628267f31b3a7119927d08ba5c8700N.exe
Size

48KB
MD5

45628267f31b3a7119927d08ba5c8700
SHA1

6161677d58e146855371e66a59da7bbe57c6852a
SHA256

f3fc8c9fc83eff7e424bc905d11cfec67573af165ea2869449f17bc34e30aaf8
SHA512

a36280981ef540680215f4ecc61560d002cd0669c800a974d47dde70dae6cee0823c00f61d82a7ad2a4e05816661eba7321c4454caa045c1b015002a9ee10e06
SSDEEP

768:ErzgnD4UESkFEqVHPEnLhEgMfd+KxC6kWgOYjAVcf6xlJk8pgFldt5xNx1RJtNwq:EIn3qlLohnJAVcfvNRTzjh3q0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45628267f31b3a7119927d08ba5c8700N.exe

Files

45628267f31b3a7119927d08ba5c8700N.exe
.exe windows:4 windows x86 arch:x86

e95e3c19c1b1846eddfe9b97188d572c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
CreateMutexA
CreateProcessA
CreateProcessW
DeleteFileA
ExitProcess
GetCommandLineW
GetModuleFileNameA
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
HeapAlloc
ReadFile
SetFileAttributesA
SetFilePointer
WriteFile

ntdll

NtFlushInstructionCache
NtOpenKey
NtProtectVirtualMemory

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE