d844c660f36cdd3377fe1e45108b76534951ff64195429df08ccc3faef846f54

Sharing

Copy URL Twitter E-mail

General

Target

d844c660f36cdd3377fe1e45108b76534951ff64195429df08ccc3faef846f54
Size

49KB
MD5

eabc2cfd92095f438d88567d4645aaa2
SHA1

fad0b07fc1d557b6433ab04af530c99f7f6ae711
SHA256

d844c660f36cdd3377fe1e45108b76534951ff64195429df08ccc3faef846f54
SHA512

073501c7caa39bcacb0454b5155572e0b2fca695956af8b1e0633dcb4f6317ee45e25a1b90aaddfe5c05fa2c39fc44f3659e07a29b858a98533cd1e35d46d8a0
SSDEEP

192:Iuo7XyDgNQHSwQMx1TT87b6q+31NoXcOBZuCM:IB7iDgiw7bR+31N2/a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d844c660f36cdd3377fe1e45108b76534951ff64195429df08ccc3faef846f54

Files

d844c660f36cdd3377fe1e45108b76534951ff64195429df08ccc3faef846f54
.exe windows:4 windows x86 arch:x86

148c839f803e32c8ad5cba86b2da5092

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

Imports

kernel32

CloseHandle
CreateProcessW
GetCommandLineA
GetCommandLineW
GetModuleHandleA
GetModuleHandleW
GetStartupInfoA
GetStartupInfoW

shell32

SHGetFolderPathW

ucrtbase

__p___argc
__p___argv
_configure_narrow_argv
_get_initial_narrow_environment
_initialize_narrow_environment
_set_app_type
exit

user32

LoadStringW
MessageBoxW

Sections

.text
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 4KB - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 4KB - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

148c839f803e32c8ad5cba86b2da5092

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

shell32

ucrtbase

user32

Sections

.text Size: 4KB - Virtual size: 864B

.rodata Size: 4KB - Virtual size: 192B

.rdata Size: 4KB - Virtual size: 376B

.buildid Size: 4KB - Virtual size: 53B

.eh_fram Size: 4KB - Virtual size: 252B

.edata Size: 4KB - Virtual size: 50B

.idata Size: 4KB - Virtual size: 768B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 48B

.text
Size: 4KB - Virtual size: 864B

.rodata
Size: 4KB - Virtual size: 192B

.rdata
Size: 4KB - Virtual size: 376B

.buildid
Size: 4KB - Virtual size: 53B

.eh_fram
Size: 4KB - Virtual size: 252B

.edata
Size: 4KB - Virtual size: 50B

.idata
Size: 4KB - Virtual size: 768B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 48B