4a5b48b8462674f8dc48b6656a62af9d9de5f6f659f60f6dec46bf6f4a14a022N | Triage

Sharing

General

Target

4a5b48b8462674f8dc48b6656a62af9d9de5f6f659f60f6dec46bf6f4a14a022N
Size

35KB
MD5

1a4f0e573dacd98bdf32ffec6dfb8260
SHA1

dda462581a1230ad879c1c8d9b8996efe97abaad
SHA256

4a5b48b8462674f8dc48b6656a62af9d9de5f6f659f60f6dec46bf6f4a14a022
SHA512

77ea58d219559fc533f8ce214bfc9e0bb1471b308604068804d36409a8bd16f72305c54572f57790c53d31609d9bf6abcd023db3850e48b9236d524ec7513acf
SSDEEP

768:wp1Qq2N7eyCcj1UjZ3mccstr6yBs4mS+g30+cnPfXB+RqgOA51Y0Kq:MQqPtWcftrzBL30+cn3B7gHnfKq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a5b48b8462674f8dc48b6656a62af9d9de5f6f659f60f6dec46bf6f4a14a022N

Files

4a5b48b8462674f8dc48b6656a62af9d9de5f6f659f60f6dec46bf6f4a14a022N
.dll windows:5 windows

c04bf20ff3c5dab11eaefd4238efef68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

StrStrIA

user32

CharLowerA

advapi32

RegCloseKey

ntdll

memset

Sections

.MPRESS1
Size: 33KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE