4da529c7feea14db8eccf9ba929504fe | Triage

Sharing

General

Target

4da529c7feea14db8eccf9ba929504fe
Size

251KB
MD5

4da529c7feea14db8eccf9ba929504fe
SHA1

ec16668f1e7e9f15d17feb13f8a3815de811eac0
SHA256

75f29cda187f0ed742ee609653be17248412d543b92c2570969c6c7b0f9fc62e
SHA512

899dcc4f583345f40265e8b01b2054f1083bd108748977b38bcfc8d006001820b326f6ffd095b844b428a71c0b526ac6905349e976eeb7ec859e93bf018cc929
SSDEEP

6144:IVleY+Xi0Qe1a7qb+1YErvdpRZGh+ZXxLy0FdJs+orlCXZd+fQKDIeQwK:cCNQe4+0JXZlxhi9hCXT+fQKA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4da529c7feea14db8eccf9ba929504fe

Files

4da529c7feea14db8eccf9ba929504fe
.exe windows:4 windows x86 arch:x86

f639ca77a5a6bbc53a395ef3d4bea7cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
GetLastError
lstrcpyA
lstrlenA
LocalFree
GetStartupInfoA
GlobalFree
FreeLibrary
Sleep
CreateEventA
LocalAlloc
GlobalAlloc
GetStdHandle

gdi32

ExtTextOutA
SetPixel
PatBlt
CreateCompatibleDC
GetStockObject
LineTo
GetDeviceCaps
CreateSolidBrush
MoveToEx
GetTextExtentPoint32A
BitBlt
DeleteObject
SetBkMode
GetTextMetricsA
CreateFontIndirectA

msvcrt

_exit
_XcptFilter
__set_app_type
memmove
wcstoul
__setusermatherr
_c_exit
toupper
rand
wcschr
wcslen
__p__fmode
__p__commode
_adjust_fdiv
_controlfp
_acmdln
__getmainargs
exit

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 238KB - Virtual size: 823KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ