0450c7e6c413a63af47c0474a8a8f8e0c63c5acdf098b8e619f437d0cf4d829c | Triage

Sharing

General

Target

0450c7e6c413a63af47c0474a8a8f8e0c63c5acdf098b8e619f437d0cf4d829c
Size

64KB
MD5

0ed7d62fc09814ce1f8f7b3b88b8a081
SHA1

6a13bc929eea9d9b0b11478cd2b29386b1df5d37
SHA256

0450c7e6c413a63af47c0474a8a8f8e0c63c5acdf098b8e619f437d0cf4d829c
SHA512

60e811bb27be4105348041a1f0e70ac9be85c29c9d291dc3c928483da3f9b8a5c6f7f9f7093596987012fa6d58ed7bf85d1b2bd537a29060b9259aef0132ab4b
SSDEEP

1536:zzq+5hRpfv07XCH8mIahlh/EoP9fJtfG+v/kjC/ExN49ZPFfq8mJ:ECGahZJtfG+9E2ZPQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0450c7e6c413a63af47c0474a8a8f8e0c63c5acdf098b8e619f437d0cf4d829c

Files

0450c7e6c413a63af47c0474a8a8f8e0c63c5acdf098b8e619f437d0cf4d829c
.exe windows:4 windows x86 arch:x86

88318d0a74542a043a5bad06ad4fd2a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memcpy
fopen
fseek
fclose
strcmp
memmove
strncpy
_CIlog
malloc
free
ftell
fread
strlen
strcpy

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
LoadLibraryA
CreateFileA
GetFileSize
HeapAlloc
ReadFile
HeapFree
CloseHandle
Sleep
FreeLibrary
InitializeCriticalSection
GetModuleFileNameA
GetCommandLineA
GetLastError
HeapReAlloc
FlushFileBuffers
WriteConsoleA
WriteFile

user32

MessageBoxA

Sections

.code
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ