4ea00d8795a88c9dc87c73549c99b9eaea6c381bb57d5473cc6144aaf6656814 | Triage

Sharing

General

Target

4ea00d8795a88c9dc87c73549c99b9eaea6c381bb57d5473cc6144aaf6656814
Size

978KB
MD5

cf81ee27860e53595c32ab0724ee480a
SHA1

20c54b7f1379886fa7be923ed3f1d0b59b59ef79
SHA256

4ea00d8795a88c9dc87c73549c99b9eaea6c381bb57d5473cc6144aaf6656814
SHA512

83700798c363ad220db081b339ef4527fed5baecc4ee67a9d5793d7db5055559c2242ba488ab7a708cf2c1e9a72efcaaaee38d9a49b25f6800db3ae4649fa59e
SSDEEP

24576:Q4AlmZ9QiBVjtc/JIQJKjweRCBM7wn4F6QB9isPYNZMN2:Q4AgZPjtcSQJKjw4C2En4cPsPYsN2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ea00d8795a88c9dc87c73549c99b9eaea6c381bb57d5473cc6144aaf6656814

Files

4ea00d8795a88c9dc87c73549c99b9eaea6c381bb57d5473cc6144aaf6656814
.exe windows:5 windows x86

4710e694cbc904bbde58b1960e1a3f6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
SetEnvironmentVariableW
GetCurrentProcessId
OpenFileMappingW
GetLastError
MapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetFileSizeEx
GetProcAddress
LoadLibraryW

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xcpad
Size: - Virtual size: 32KB

.idata
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ