4d155e5aa5b00d3a7640c69575b9ee0d | Triage

Sharing

General

Target

4d155e5aa5b00d3a7640c69575b9ee0d
Size

163KB
MD5

4d155e5aa5b00d3a7640c69575b9ee0d
SHA1

63d17f774ab8d48e9e25d6f7dde367e0e350494d
SHA256

79f875deb456646cda9fe8bbf42b4ef167dea502bf42d56c3755c881a868c5b4
SHA512

80ae5e35fb611017f76b67697216b32f4fbbcc76d651a62b2b1bc952c5ab979cdf45466627c6fb4dfed137fd15bac5ed5524472ff4ce39eec0ebbcf056efcb70
SSDEEP

3072:cHWoFfL4DaCP6ldHEknbkqSc0gZMLg6IEKbyLWSiGgIVJxQLXrB:WvFMv8t77Sc0g206ILAWxKQb9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d155e5aa5b00d3a7640c69575b9ee0d

Files

4d155e5aa5b00d3a7640c69575b9ee0d
.dll windows:4 windows x86 arch:x86

ea10d513ce191065b6084ec4d8c41f3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileMappingA
CreateProcessA
DeleteCriticalSection
ExitProcess
GetACP
GetCommandLineA
GetCurrentDirectoryA
GetCurrentThread
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcessHeap
GetStartupInfoA
GlobalAddAtomA
HeapAlloc
HeapCreate
HeapReAlloc
LeaveCriticalSection
MulDiv
MultiByteToWideChar
ResetEvent
RtlUnwind
SetErrorMode
SetHandleCount
SetLastError
SetProcessWorkingSetSize
SetUnhandledExceptionFilter

user32

CreateMenu
FillRect
CheckMenuItem
RemoveMenu
ScrollWindowEx
GetScrollInfo
CheckRadioButton
BeginDeferWindowPos

comdlg32

ReplaceTextA

Exports

Exports

FindNextCaptureDevice

Sections

.text
Size: 102KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ