04fd0aaaf880f85d40f08a070af063c6 | Triage

Sharing

General

Target

04fd0aaaf880f85d40f08a070af063c6
Size

39KB
MD5

04fd0aaaf880f85d40f08a070af063c6
SHA1

4b6d6c63728d8dda9e837aa72fe558ceae2b83b1
SHA256

564ed502eab0c4c1f332b97ecf4e08bebc4322f42492af8c2d69c4a4ef87ffec
SHA512

4b102c671d6e2f0dbc51b10a1e563ffbe4d3f6d21403d37e769e3aa20e731135adeefa6e3c7d0af5ce9897e423f17af02a6e9c360d03ab32deb7f604e73b5bc6
SSDEEP

768:N2VdZ65tH1MbGK0b49qR13QJP382BMUdsv9WnlPkZQIAD/M0Qm6E7+2D4I/CTSBz:N2VS5cbHY5P3QJP3xp8Z2UE7+2c+L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04fd0aaaf880f85d40f08a070af063c6

Files

04fd0aaaf880f85d40f08a070af063c6
.exe windows:4 windows x86 arch:x86

394b3e18e03537a1c51f949fab757567

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

MethCallEngine

Sections

pec1
Size: 34KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE