004ad215ebb2a014b2c8a0009508124e | Triage

Sharing

General

Target

004ad215ebb2a014b2c8a0009508124e
Size

45KB
MD5

004ad215ebb2a014b2c8a0009508124e
SHA1

f4320ee2ebf03eb788818d950ec0523f104432ab
SHA256

52aec0631bd9e88d135f65a2b9d94c299ee6df8996254c4c2802472342a48353
SHA512

0ca0910ac0aad6017c3ec3ae0923eb2ecccf79b1f0779f0d0e7b67a9198f5bf3b7cbb3339f7cddc2a403b245fa8c7351d11616a5f8455574a9b87d0ac39386f0
SSDEEP

768:rDpRtg/FD5ruZTixwTwtuprhSa6XHi+1lS/ie3ed851LJPbqL:r9R8FDVuKwTuOgacHdlQi5q1LsL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
004ad215ebb2a014b2c8a0009508124e

Files

004ad215ebb2a014b2c8a0009508124e
.exe windows:4 windows x86 arch:x86

249ae70f94419390a395484f985a372a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
CloseHandle
GetComputerNameA
GetModuleHandleA
ResetEvent
GetSystemTime
CreateFileA
GetCommandLineW
SetLastError
FindAtomA
GetDriveTypeA
GetPrivateProfileStructW
CreateThread
GetDiskFreeSpaceA
GetTickCount
ResumeThread
GetFileAttributesA
HeapCreate
LocalFree
LoadLibraryA

advapi32

RegQueryValueA
RegDeleteKeyA
RegEnumValueA
IsTokenUntrusted
RegCreateKeyExA
CloseEventLog
RegCloseKey
GetFileSecurityW
CreateServiceA
RegEnumKeyExA
FreeSid
GetLengthSid
GetUserNameA

clbcatq

SetupOpen
ComPlusMigrate
DllGetClassObject
CheckMemoryGates
SetSetupSave

user32

MessageBoxA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ