4c4af622659b2d7e3861625ed3e27106 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c4af622659b2d7e3861625ed3e27106
Size

41KB
MD5

4c4af622659b2d7e3861625ed3e27106
SHA1

113ce8abd7e26c8175cee2c24a442a956f84ca90
SHA256

b047f772a40a7babb8de3aa1ca17df8364ddc9c00bec4df5aa70c10105e8cd5c
SHA512

e522f897b6b1ce3dc834d443d7ff0e069320c0d66e8cf8f052f55448324bab4cac229b3d7f9b823ff95763d7beb624dd20b1941c2b948499ca6fd86ffdb904d2
SSDEEP

768:Lw4EVInaojUm1Z0EIN+x/XPNnTJcGoIrZ3eL5pxhp+4j/mWrh:045aQj1Z9xx1chIELPxhPrh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c4af622659b2d7e3861625ed3e27106

Files

4c4af622659b2d7e3861625ed3e27106
.exe windows:4 windows x86 arch:x86

ec094eed8ffe932999e1082ebeda44a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvcrt

memchr

user32

SetForegroundWindow

gdi32

GetDeviceCaps

advapi32

AdjustTokenPrivileges

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

wininet

InternetCloseHandle

ole32

CoCreateInstance

oleaut32

SysAllocString

version

GetFileVersionInfoSizeA

Sections

pec1
Size: 33KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE