4138d529a121b3516999dd05f9c72fdc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4138d529a121b3516999dd05f9c72fdc
Size

66KB
MD5

4138d529a121b3516999dd05f9c72fdc
SHA1

6776dcda28c22d42c0e840885d1946be122e0bee
SHA256

289915016501aa1a8a680ee0afb656a01fedf4c0ee0f0c1a17b3cdca679cead2
SHA512

b8daf34c3e41c6853690d4fe1fc28481db2bd0251a01ddf7d094595e1746b90749f086b85b9b47493ac1af0665b1e13db590071ca94e42c1847315b75fee4c73
SSDEEP

1536:LGPAqacKjTakbpMRk67NN5LYoQGVlrTz7o+:CPiciTakbGk67NEoQulV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4138d529a121b3516999dd05f9c72fdc

Files

4138d529a121b3516999dd05f9c72fdc
.exe windows:4 windows x86 arch:x86

10881888e1797cd4abd256ce3460b430

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyA

gdi32

SelectObject
LineTo
RestoreDC

kernel32

GetLocaleInfoA
ExitProcess
IsBadHugeReadPtr
VirtualAllocEx
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetLocalTime
GetLastError

comctl32

ImageList_Read
ImageList_Write
ImageList_Create
ImageList_DrawEx
ImageList_Remove

user32

PostQuitMessage
IsWindowUnicode
RedrawWindow
CharLowerA
RegisterClipboardFormatA
IsCharLowerA
GetWindow
PtInRect
GetMenu
RegisterClassA

Exports

Exports

_CFquxlV
_4kupw
P19tk7hX
GLxA7OmKw

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ