4974bd0bc848030160ee763ad8896f51 | Triage

Sharing

General

Target

4974bd0bc848030160ee763ad8896f51
Size

123KB
MD5

4974bd0bc848030160ee763ad8896f51
SHA1

83534ddd88ae861702bb54dbbabc2167ab3bc733
SHA256

73f74457d7f22f9bda0250f78c2097917e76e8429a48b205e60d722040e4f3a3
SHA512

ab96d89234fe91c187d9f67108ff30edd6be921256f0494438f94a313945f0d55304bb6ffb59d3870a7c442478c42b0676d6765dbeb85556c988e08f726b6137
SSDEEP

3072:o6dUwZLqFpOmAS+QowN+2oNmHD9Egg3V6:GwZtQowNwahpgF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4974bd0bc848030160ee763ad8896f51

Files

4974bd0bc848030160ee763ad8896f51
.exe windows:4 windows x86 arch:x86

ca9a71a5142671e60e98d85d0f9d3e56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetBkMode
GetBitmapBits
CreateFontIndirectA
GetBkColor
GetDIBits
SetPixel
CreateCompatibleDC

advapi32

GetLengthSid
RegQueryValueA
RegDeleteKeyA

comctl32

ImageList_DragShowNolock
ImageList_Remove
ImageList_Write
ImageList_Create
ImageList_Read
ImageList_Add
ImageList_GetBkColor
ImageList_DrawEx
ImageList_Destroy

kernel32

ResetEvent
SetFilePointer
ReadFile
GetProcessHeap
SetEvent
SetEndOfFile
SetErrorMode
IsBadReadPtr
LoadLibraryA
VirtualAllocEx
ExitProcess

user32

GetIconInfo
GetForegroundWindow
GetMenu
LoadCursorA
GetFocus

Exports

Exports

_5KdCM@24
vsUKoMtBsO@12

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ