4cc95326ed31689a50ca395eda99e8b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cc95326ed31689a50ca395eda99e8b7
Size

36KB
MD5

4cc95326ed31689a50ca395eda99e8b7
SHA1

ffb5549dfc4403f645af8885fbf1ff8a31a346e0
SHA256

b049ef7f366d755a2d6d5291961d967c99d3169658d2a01b36c58ff2255186b4
SHA512

ac555481a6e909e07894c38ae9256238098b9168d43bf11d202df898ced8111b52fbe6342328889697ef28d4b9013e5fd5c06a07ceb64ad62a87a816416edd9c
SSDEEP

768:ana6P4DpmW33kReHizCugIPIPW8ipKPgb9GOufnL79:A6pb33QKnuFPpl1h09

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cc95326ed31689a50ca395eda99e8b7

Files

4cc95326ed31689a50ca395eda99e8b7
.exe windows:4 windows x86 arch:x86

7033dccaad4401941054387348dc03d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSidIdentifierAuthority
AllocateAndInitializeSid
LookupPrivilegeValueA
RegDeleteValueA
LookupPrivilegeNameA
RegQueryValueExA
GetSidSubAuthority
RegEnumValueA

msvcrt

time
_exit
_beginthread
strcmp
__mb_cur_max
wcscpy
srand
ftell
_onexit

gdi32

RectInRegion
RestoreDC
SetTextColor
DeleteDC
GetObjectA
SetBkMode
StartPage
CreateCompatibleDC
CreateDIBSection

kernel32

GetProcAddress
GetConsoleMode
GetModuleHandleA
SetPriorityClass
FindClose
FileTimeToLocalFileTime
WriteConsoleW
lstrcatA
InterlockedIncrement
lstrlenW
HeapSize
DeviceIoControl
LoadLibraryA
GetCurrentProcessId
GlobalUnlock
GlobalMemoryStatus
lstrcpyA
SetStdHandle

ole32

CoUnmarshalHresult
CoGetStdMarshalEx
OleSetMenuDescriptor
OleCreateEmbeddingHelper
CoTreatAsClass
OleQueryCreateFromData
CoCreateInstance
OleRegGetUserType

user32

DrawMenuBar
GetWindowTextA
OffsetRect
DestroyIcon
GetKeyState
SetFocus
GetClassNameA

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ