4825d313af8982b3f67b8568057e2ea0 | Triage

Sharing

General

Target

4825d313af8982b3f67b8568057e2ea0
Size

190KB
MD5

4825d313af8982b3f67b8568057e2ea0
SHA1

10a427c032689681ddac36a4cd1354a6d80cf05b
SHA256

e3d7f868c3fb6684fa8d5847cddc2ee0b542a93646d98bed661ab07adf39499b
SHA512

df74769673e6ff57a0833a3d8e3c204999b3cf9da599a0cd30668f16ee2db3bfb7097c7248098db85ef4a6893e8e0f8486a99940af75cf3b58b481436c3a67da
SSDEEP

3072:gM2gzENCUmCJYYMJAmz0IAC2gUEUf5qrLtFJ4MyVnoJ18I92UASeakkfFJPAO1+V:WyegczMJWI6gPGqrLt74MKoD8IPb3A2Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4825d313af8982b3f67b8568057e2ea0

Files

4825d313af8982b3f67b8568057e2ea0
.exe windows:4 windows x86 arch:x86

f0afcb9fdd4e9e041bf590535a69e147

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetTapePosition
GetVersion
ClearCommError
InterlockedExchange
GetCurrentProcessId
GetWindowsDirectoryA
EnumResourceNamesA
GetLocalTime
FatalExit
FindClose
Sleep
FindFirstFileA

user32

ReleaseCapture
GetDlgItem
GetSysColor
SetWindowLongA
FillRect
LoadCursorA
IsWindow
SetCursor
GetWindowLongA
SetWindowPos
ReleaseDC
GetWindowInfo
MoveWindow
GetDC
SetCapture

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

oleacc

LresultFromObject
CreateStdAccessibleObject

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ