5046f669eff54cba9f99fcf092235625eb9ebd9e28a03ccf26d57db941a76f10 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5046f669eff54cba9f99fcf092235625eb9ebd9e28a03ccf26d57db941a76f10
Size

5.0MB
MD5

644f9791f582c2c39bc4bcd945f18ee0
SHA1

f39086c4203e56a6076c517febd87b681b0e2ea8
SHA256

5046f669eff54cba9f99fcf092235625eb9ebd9e28a03ccf26d57db941a76f10
SHA512

d66eebc629341da78eafc93658539de364695d8078ce2597f4f6f6cfe7f5a6153c496f92e3568c78e697b86f332942c5844c97fa81285e6fbc4c1859b9b00900
SSDEEP

98304:H/b7xT5PIaVnO8lrZqyOgVTCT+uRdgoGIONdM8OfYLlU3OpyGNQSAf:fxT5PLVO8TX8QPdufklUGyGiSA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5046f669eff54cba9f99fcf092235625eb9ebd9e28a03ccf26d57db941a76f10

Files

5046f669eff54cba9f99fcf092235625eb9ebd9e28a03ccf26d57db941a76f10
.exe windows:5 windows x86 arch:x86

82f5dc1227668a0f5f7715b5460f977a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection

msvcrt

_strdup
__getmainargs

Sections

.text
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 112B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oa&
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Jh|
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s[m
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ