Static task
static1
Behavioral task
behavioral1
Sample
041d6142bc6afaa710bab4dc4ddb63ba.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
041d6142bc6afaa710bab4dc4ddb63ba.exe
Resource
win10v2004-20231215-en
General
-
Target
041d6142bc6afaa710bab4dc4ddb63ba
-
Size
16KB
-
MD5
041d6142bc6afaa710bab4dc4ddb63ba
-
SHA1
a13dd14bd18f018b778e4dbf0e2ce6df4f7341cd
-
SHA256
e39343f92d3a5b151723e9060f66cb4e1b8bd9d79092f89eb7483079feef371d
-
SHA512
8958647c427ea8b3056e9ebca9ec1737c5f8677cabae18e493358f29514702debe385d40976f84826ea62a099e658a7460fa47d98b79415f8175d166a59a7381
-
SSDEEP
192:/csDfvoSoZZowJZof+dnMV4mmv+OJBP1oynuGk:ksDnwDHZdnW2v+St1gGk
Malware Config
Signatures
-
Unsigned PE 1 IoCs
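Checks for a missing Authenticode signature. The sample is unsigned, so its publisher and integrity cannot be verified from a signature; many legitimate binaries are also unsigned, so on its own this is a low-confidence indicator.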
resource 041d6142bc6afaa710bab4dc4ddb63ba
Files
-
041d6142bc6afaa710bab4dc4ddb63ba.exe windows:4 windows x86 arch:x86
cdcb5fc15dc8bc6cc6c341cb7aea4298
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoInitialize
CoInitializeSecurity
CoUninitialize
CoCreateInstance
mfc42
ord6663
ord537
ord1572
ord1601
ord4129
ord857
ord800
ord4278
msvcrt
__p__fmode
_acmdln
__getmainargs
strlen
__setusermatherr
_adjust_fdiv
__p__commode
exit
__set_app_type
_except_handler3
_controlfp
_mbsicmp
_exit
_XcptFilter
strcat
__CxxFrameHandler
_initterm
_stricmp
kernel32
GetModuleHandleA
lstrlenA
MultiByteToWideChar
GetStartupInfoA
GetModuleFileNameA
advapi32
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
oleaut32
VariantClear
SysAllocString
VariantInit
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 192B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE