4a89ff9c7d3a639941db25055324a56d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a89ff9c7d3a639941db25055324a56d
Size

115KB
MD5

4a89ff9c7d3a639941db25055324a56d
SHA1

9b7cd58424df083239e33d2a8e6223f09e16c3c5
SHA256

e33f46349e42219d8028f6c1c2246adf83edcef4ae36cb202742c73fc384ade9
SHA512

0aef5c68ee131907265a0cd32bcd5e7a38982a8d059de5a82181db1a7457b447592f9ec880f58789f210375d29d9dbe5c4741d90b8541a39ed3735fc6057fa2e
SSDEEP

3072:4y+7LvUSCtlDsj9/itdT0sVm59laP4Dn9Y:5+7LcSADyAR0sC9/D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a89ff9c7d3a639941db25055324a56d

Files

4a89ff9c7d3a639941db25055324a56d
.exe windows:4 windows x86 arch:x86

2d78c8d638595560faaffe1fd80a46fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetDesktopWindow
TranslateMessage
GetSystemMetrics
CharNextA
GetParent

gdi32

DeleteObject
DeleteDC
CreatePalette
SelectObject
CreateCompatibleDC
SetStretchBltMode
GetStockObject
GetObjectA
SetTextColor
CreateSolidBrush
GetTextMetricsA
GetPixel
GetDeviceCaps
SetMapMode
GetClipBox
CreateFontIndirectA
SaveDC
SetTextAlign

kernel32

lstrcmpiW
GetWindowsDirectoryA
GetSystemTime
RemoveDirectoryA
lstrcmpiA
GetModuleHandleA
RemoveDirectoryW
FindClose
GlobalFindAtomA
GetCommandLineA
CopyFileA
QueryPerformanceCounter
lstrlenA
lstrlenW
DeleteFileA
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ