4b0a0ef5cc48ce7692bb0b160bed7faf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b0a0ef5cc48ce7692bb0b160bed7faf
Size

147KB
MD5

4b0a0ef5cc48ce7692bb0b160bed7faf
SHA1

006f7ef44845e2a32dc681956b513a683a845f70
SHA256

b3bf409c184ddf01afdd754a95699a64b52dfe741f5b7b50feab6f2e61b4ace6
SHA512

5eccd13c225a3371320a5e9bbaa053481516bc967723a1d696db17b9c0bec255c9454563c95a2ef7088f0f7e9d5742894c948499c0cf76829bdd9f3588778d20
SSDEEP

3072:SPmPM8q++DK4nzH/P4ndSWjavXV4umUZCAv0RIKjUqW4GlteY9n74EUsl4HxASUX:SQWzHYn0WW66ZTc2KjNW4uteY9nkE0zC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b0a0ef5cc48ce7692bb0b160bed7faf

Files

4b0a0ef5cc48ce7692bb0b160bed7faf
.exe windows:5 windows x86 arch:x86

a95e24aae01be8aad705c2cd60307195

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripPathA
StrToIntA

kernel32

lstrlenW
lstrcatA

Exports

Exports

?GetIDPromotion@252KPAUHINSTANCE__@@U_SYSTEM_INFO@@`M
?LargeScaleGroup@252KPAUHINSTANCE__@@U_SYSTEM_INFO@@`M

Sections

.idata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ