TabbedTextOutW_ME
Static task
static1
Behavioral task
behavioral1
Sample
4da9677e16d6703ee0cf3500a3a8767a.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
4da9677e16d6703ee0cf3500a3a8767a.dll
Resource
win10v2004-20231215-en
General
Target: 4da9677e16d6703ee0cf3500a3a8767a
Size: 44KB
MD5: 4da9677e16d6703ee0cf3500a3a8767a
SHA1: 7a30f8ae812e3e89ca6fa135eae45b836b225662
SHA256: cf263245208a9f61f7bed576a58d45442807c1d8731f651c2eb77c9e39cf8373
SHA512: 0487ccd83b6c89ca32b340f946ba00be6a7188ca4346092798c166d4d5d76bf99a9ec20ed985c98ced69d6fe8f6d961acf8cc02a4591f5259b5d0ad48d32bc37
SSDEEP: 768:t8olR0wDKpXDv8dZmMfoMMqEFn1OLXTYvpEmJcQAmRVoIEJCbXrRA3:bV8XDv8dfqFn3vumJcEnoZCbXrg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4da9677e16d6703ee0cf3500a3a8767a
Files
4da9677e16d6703ee0cf3500a3a8767a.dll windows:4 windows x86 arch:x86
3af10cea5e28cdf9e9f033f6b7569522
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
ExitProcess
FindResourceA
FreeLibrary
GetACP
GetCommandLineA
GetCurrentDirectoryA
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
InterlockedIncrement
IsValidLocale
LoadResource
LockResource
MultiByteToWideChar
RtlUnwind
SetLastError
SetProcessWorkingSetSize
SetStdHandle
SetUnhandledExceptionFilter
msvcrt
srand
__set_app_type
_cexit
wcscat
strpbrk
_XcptFilter
isdigit
exit
_wcsicmp
user32
UpdateWindow
SendMessageTimeoutA
oleaut32
SysStringLen
SafeArrayCreate
SysFreeString
SysReAllocString
OleLoadPicturePath
shlwapi
SHEnumKeyExA
StrToIntA
PathGetCharTypeA
Exports
Sections
.text Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ