4aeb54bf8f0cfd1e0a652bed78dbcd48 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4aeb54bf8f0cfd1e0a652bed78dbcd48
Size

202KB
MD5

4aeb54bf8f0cfd1e0a652bed78dbcd48
SHA1

bdd81c61e4db1777162815739599947f1ea7b935
SHA256

5cb878c1e074ad24b7adeb7d5af1748f99661098106679a8fdfca65bd54262a1
SHA512

120ab6bbb12baae1ef32a43b38eed8bd58cfa567f5e4f333f395bd6dbcb8c4a805dda8632b880b86df0172e3d1945166006d4145d49c2ac9b702c968cf6b0d37
SSDEEP

3072:3x7wGj74obvnZxrl/qZ7Ke1e7oXyO3SNlOrFWhSEJEAuf24sCKqE5/iNKfOYBa:lVbvnZxtqZ7H1SooNl4WhSEJEAugoNYa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4aeb54bf8f0cfd1e0a652bed78dbcd48

Files

4aeb54bf8f0cfd1e0a652bed78dbcd48
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

_STWNDCloseConnection@4
_STWNDDeleteStateItem@4
_STWNDEndOfRequest@4
_STWNDGetLocalAddress@8
_STWNDGetLocalPort@4
_STWNDGetRemoteAddress@8
_STWNDGetRemotePort@4
_STWNDIsClientConnected@4
_STWNDSendResponse@24

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oli
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE