48be84172528f86308875d57efb33ff12d92f16a7d407a11c6859fee710c1f48[.]exe | Triage

Sharing

General

Target

48be84172528f86308875d57efb33ff12d92f16a7d407a11c6859fee710c1f48.exe
Size

508KB
MD5

06b3132bdb41402f2bf643a712175e77
SHA1

8836a16eab72ca93a945d0a29d3f8385cf10baa7
SHA256

48be84172528f86308875d57efb33ff12d92f16a7d407a11c6859fee710c1f48
SHA512

c7f3ffe3066073803eeea764035a99a9df49b567f464a35d725d5fe27159c88e0b5bf56e0e90ba1187e48a8d181604fa3f72855ac098f2bef7402325b3c02b06
SSDEEP

12288:rMGedRE83xVOESLawOVP6hO9724GpBb33:rMGede83xVOKchO97SpR33

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
48be84172528f86308875d57efb33ff12d92f16a7d407a11c6859fee710c1f48.exe

Files

48be84172528f86308875d57efb33ff12d92f16a7d407a11c6859fee710c1f48.exe
.dll windows:6 windows x86 arch:x86

e4354d92e4ab82c15bc7e347b14d1d7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
WaitForSingleObject
DeleteCriticalSection
GetLastError
CreateFileA
WaitForMultipleObjects
WideCharToMultiByte
LeaveCriticalSection
InitializeCriticalSection
Sleep
GetProcAddress
LoadLibraryA

Exports

Exports

DefortHeksW

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tdata
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ