4c990daf0efde5fe8b954c69f870aff7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c990daf0efde5fe8b954c69f870aff7
Size

364KB
MD5

4c990daf0efde5fe8b954c69f870aff7
SHA1

af784a9ff766e336747e6fc83b7c9a4e28b582a9
SHA256

e1e0a90a673aa5cf57314482b7bd3bfb48f2762bb47ea3a10cd9b03716ff630e
SHA512

69b91f9d315536c92a8a7384cf9860fd39ebb2393a30f095c33728360855e36630db2dd2f8cf00d7ca2781da3ed33bf624826c9ebb45f78780671b926ed062d8
SSDEEP

6144:T6Q7qb77OTZEX+Kbzg6qu1JtOXOJ13EtwEGbkhdt1qs3LU4Ye:/qbCOOQtO+7EeEfzqqL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c990daf0efde5fe8b954c69f870aff7

Files

4c990daf0efde5fe8b954c69f870aff7
.exe windows:4 windows x86 arch:x86

08ddfd7bec241661fbe77e85333d1cdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetTickCount
HeapReAlloc
SetLastError
InterlockedExchange
ResumeThread
GetCommandLineA
GetVersion
GetUserDefaultLangID
GetConsoleDisplayMode
GlobalSize
GetAtomNameA
LoadLibraryExA
lstrlenA
WaitForMultipleObjects
GetConsoleCP
VirtualProtect
CompareFileTime
HeapCreate
GetModuleHandleA
WaitForSingleObject

user32

BeginPaint
FillRect
ReleaseDC
wsprintfA
SetForegroundWindow
GetWindow
GetFocus
CreateIcon
FrameRect
GetTitleBarInfo
GetDC
GetCursorPos
EndPaint
AnyPopup
GetParent
DragDetect
DrawTextA
GetClassNameA
ShowWindow

rastapi

DeviceConnect
DeviceListen
AddPorts
PortClose
DeviceDone

quartz

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ