4b6770be513c0055d7c3da8a5bb5ef56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b6770be513c0055d7c3da8a5bb5ef56
Size

180KB
MD5

4b6770be513c0055d7c3da8a5bb5ef56
SHA1

eb7620739efc14d670d5dd0db27aa9e31f2369ea
SHA256

e34759e71f7a2c43f0efcc3a810015b94b2450e51c9242ba53d77be3c1844360
SHA512

fead529b7ebbbc1e55ee6acc1f5af000f2a030e1f3a503715412217be8ce4f72d583219060867752643f34a476421b7b19d2d5a7fbbe027328a7b53f1d5d2ec1
SSDEEP

3072:5jpCM4oGVbTJTVhiatbrs1pfaB4dGQ0kBxsQTfvki9/X:BUrxpHiE/sCBTQ0kz9fvku/X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b6770be513c0055d7c3da8a5bb5ef56

Files

4b6770be513c0055d7c3da8a5bb5ef56
.exe windows:4 windows x86 arch:x86

8e8b4b0746e2793fd74b3f983c673d78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrFixedArrayFree
UuidCreate

shell32

Shell_NotifyIconA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
RegSetValueExA

winmm

timeEndPeriod

kernel32

FlushInstructionCache
FindFirstFileA
UnmapViewOfFile
GetModuleFileNameW
EnumResourceNamesW
SetEnvironmentVariableW
MapViewOfFile
FindResourceExA
DuplicateHandle
FindClose

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ