b4acd30e3c24659f4ee41843736f87842b3e43e7fb1485e6b63130c084dedb8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4acd30e3c24659f4ee41843736f87842b3e43e7fb1485e6b63130c084dedb8b
Size

30KB
MD5

1367e5e9d851193f267c235df489759d
SHA1

8269ef94859224a3b4ae941f68f3267a478c870e
SHA256

b4acd30e3c24659f4ee41843736f87842b3e43e7fb1485e6b63130c084dedb8b
SHA512

98440c4b107936f103d5fe98fa7d1c2f00d44a14ff099babccf262437294286c66b22a344ccd229a9e0e7591274219ead336ed79fe5f67bfc52fde9f8b4cb607
SSDEEP

384:MwbLrPaIU+vycmPduyBNQaUEovkvyL8Nq5smipPICdpSLcDQm9zMHhtTFn:MmSIU+vDeFrdvyL8NUsjSwDg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4acd30e3c24659f4ee41843736f87842b3e43e7fb1485e6b63130c084dedb8b

Files

b4acd30e3c24659f4ee41843736f87842b3e43e7fb1485e6b63130c084dedb8b
.exe windows:4 windows x86

d5201b35184f2af59bba41345786528e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantTimeToSystemTime

kernel32

LoadLibraryA
GetDateFormatA
GetTimeFormatA
GetLocalTime
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
LocalFree
WideCharToMultiByte
GetCommandLineW
GetModuleFileNameA
CloseHandle
WriteFile
CreateFileA
GetPrivateProfileStringA
FreeLibrary
GetProcAddress
LCMapStringA

msvcrt

strncmp
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
atoi
_ftol
sprintf
strncpy
modf
strchr
memmove
malloc
free

user32

wsprintfA
MessageBoxA

shell32

CommandLineToArgvW

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE