41cb2ed3a414003a5c88ec6e28131ea28a0395e8ccbe541113e2a3343fddc4bf | Triage

Sharing

General

Target

41cb2ed3a414003a5c88ec6e28131ea28a0395e8ccbe541113e2a3343fddc4bf
Size

55KB
MD5

a25ddf0fd1ed5c42d60a8b1fd7df0cd1
SHA1

c98951417f3117899f0c63a5097f9fe0a8f4d43d
SHA256

41cb2ed3a414003a5c88ec6e28131ea28a0395e8ccbe541113e2a3343fddc4bf
SHA512

ece28ec1ffff9cfe6d49d8846232606ab2713dd2fc3416bde8ae884297b025165d46899b67a129f05be122a63afd4b120d6f5b3107e11553c3e3ce881e1899de
SSDEEP

1536:qw788avzI+on+TqOK0cHMqtzMLvWsrupwnTf1GqT7E:qwda7KVr0cHneunw1E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
41cb2ed3a414003a5c88ec6e28131ea28a0395e8ccbe541113e2a3343fddc4bf

Files

41cb2ed3a414003a5c88ec6e28131ea28a0395e8ccbe541113e2a3343fddc4bf
.exe windows:5 windows x86 arch:x86

b892955ae494fe908bdf52e81e1dfa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

POLSJDKW
Size: - Virtual size: 136KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

POLSJDKW
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE