4d2c118844b27679811fe5d016ad1324 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d2c118844b27679811fe5d016ad1324
Size

747KB
MD5

4d2c118844b27679811fe5d016ad1324
SHA1

6c76016e91f5fb1b0ac1bf6ce041aef4634e41c2
SHA256

53f4f6d20294da0dd874ad812cfda368b95c761f5589465834775b7a8b7d13bc
SHA512

cfc1c18565a7fbe5e7a596504f3ed58929b5ff78d13d80c50ecaab67b40d1e38794503bebcf10916512763ae09c66ac55efe8524b615e4fe65921eee55dd5eb5
SSDEEP

12288:VPwuQ8osQFd9eX7EYI9zDGS9iq8SuMVv+Yr1WToy+yJpwqmX:VYurWj9wZYzDGScqPu6v9r1W8y/fwqmX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d2c118844b27679811fe5d016ad1324

Files

4d2c118844b27679811fe5d016ad1324
.exe windows:4 windows x86 arch:x86

a677abf1f778d818e65d6102e7184726

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
GetFileAttributesA
GetModuleHandleA
CreateMutexA
GetEnvironmentVariableW
CreateFileA
GetCommandLineW
RemoveDirectoryA
SetEvent
GetStdHandle
WaitForSingleObject
ResetEvent
DeleteFileA
GetTickCount
GetCurrentDirectoryA
VirtualAlloc
CreatePipe
GetStartupInfoW
FindClose
WaitForMultipleObjects
CloseHandle
GetConsoleTitleA
ExitProcess
HeapSize
SetLastError

user32

GetDC
GetClassInfoA
FindWindowW
FillRect
DispatchMessageW
CallWindowProcW
GetWindowLongA
MessageBoxA
GetDC
DispatchMessageW
PeekMessageA
GetDC
GetSysColor

perfctrs

CloseNbfPerformanceData
CloseNbfPerformanceData
CloseNbfPerformanceData
CloseNbfPerformanceData

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ