4113d4de34963dcb4dcb93d4cbb82d6c | Triage

Sharing

General

Target

4113d4de34963dcb4dcb93d4cbb82d6c
Size

63KB
MD5

4113d4de34963dcb4dcb93d4cbb82d6c
SHA1

a4d2651ded5ff8923c811f95e4ec4e4251944009
SHA256

903e1d01a526af221db078f65bab7fa6f5518c32b3ffdec296f6601fee5c8763
SHA512

0fc4f7ec4f573db3fec72a9a3ddbe805012d865cc0a545caccd1743541db7943c58f8538af771914e6963404a782cddf1a90a0c4db7e68c59f9cac38f92cdd20
SSDEEP

1536:BrpWKC4VAfNO66Hyc2DG6arh3cYnowqBpaPAB9nL//s:vWKdF66HycsGjrF7DqB0PATzs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4113d4de34963dcb4dcb93d4cbb82d6c

Files

4113d4de34963dcb4dcb93d4cbb82d6c
.exe windows:5 windows x86 arch:x86

17320f9ec26bac630bbf847fc163ebd1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
ExitProcess
CloseHandle
ReadFile
SetFilePointer
GetFileSize
GetModuleFileNameA
GetModuleHandleA
HeapFree
GetProcessHeap
HeapAlloc
VirtualAlloc
VirtualFree
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingA
GetProcAddress
LoadLibraryA

user32

RegisterClassA
GetDesktopWindow
LoadIconA
DefWindowProcA
LoadCursorA
CreateWindowExA
GetWindowTextA

msvcrt

memcpy

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 770B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ