43662e68046f7ba9f58863a4f68170c4752e8da64e76324fb25fbabb193bb361[.]exe | Triage

Sharing

General

Target

43662e68046f7ba9f58863a4f68170c4752e8da64e76324fb25fbabb193bb361.exe
Size

2.0MB
MD5

4d6339eab1f1654594348e436412cd75
SHA1

4682536719f04dd68304c4561507a8b3222eebd5
SHA256

43662e68046f7ba9f58863a4f68170c4752e8da64e76324fb25fbabb193bb361
SHA512

40a72f25c730a50c00480ef54bbc10508bb5d7e2f23537e50ab0993d12e88d2d2ac6657cc434d6f9eca668a94ff6822da14172f547ecc87b550f9c8d1c359131
SSDEEP

49152:G8yeqzXA3KknaWR78tSrBz4UCRWw4zVsvXB5HhMRAovIv2SSOS2inrf3/3u4MrzJ:o5HhMRAovPO9inrXeI3sl+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43662e68046f7ba9f58863a4f68170c4752e8da64e76324fb25fbabb193bb361.exe

Files

43662e68046f7ba9f58863a4f68170c4752e8da64e76324fb25fbabb193bb361.exe
.exe windows:4 windows x86 arch:x86

1cf44af83fe193f1a81251d93a25cfae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowW
SendMessageTimeoutA
wsprintfW
SendMessageTimeoutW
FindWindowA

shell32

ShellExecuteW
CommandLineToArgvW

kernel32

QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
GetTickCount
GetCurrentThreadId
GetCommandLineA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
CreateFileW
GetNativeSystemInfo
GetVersionExW
GetLastError
ReleaseMutex
CreateMutexW
CreateMutexA
WaitForSingleObject
CloseHandle
FreeLibrary
LoadLibraryW
GetProcAddress
GetCommandLineW
LocalFree
GetCurrentProcessId

Exports

Exports

_Decode@16
_DecodeEx@20
_StringToKey@8

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 728KB - Virtual size: 727KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ