4e1d1e9b033e0f83c9ac3402f548f43b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e1d1e9b033e0f83c9ac3402f548f43b
Size

176KB
MD5

4e1d1e9b033e0f83c9ac3402f548f43b
SHA1

7b2746f7dd9325974015da5d613959e7a0903039
SHA256

e0bb66d3cfc99da49e800378296e3ea6f21ebc1b87b740ef25f4171ed0bf9176
SHA512

672b836ef152ffbcfc6543754ce3ee267c69dba82fc1f1755358e871d9fa4e9c972c10f80716c71971b7d698ff16a58239a0b3415897ce231eca8c138a63c272
SSDEEP

3072:LWXsTxfvL3OIRIq5yEhtrfgGXmh0U8X02dg4UFqMTZ4wedfHPNhyzYUbjejAsH:/BzpRbUiDgGXG0U8E2i4UlGwedXTXl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e1d1e9b033e0f83c9ac3402f548f43b

Files

4e1d1e9b033e0f83c9ac3402f548f43b
.exe windows:4 windows x86 arch:x86

cef9beeb4dcbf70e5d1a23cc0a31997b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
FreeEnvironmentStringsW
SetHandleCount
GetVersionExA
GetCPInfoExW
InterlockedExchange
InterlockedIncrement
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetThreadLocale
GetEnvironmentStrings
GetEnvironmentStringsW
GetACP
MultiByteToWideChar
HeapSize
TlsGetValue
EnumResourceTypesA
GetLastError
GetLocaleInfoA
WriteFile
EnterCriticalSection
TlsSetValue
QueryPerformanceCounter
WideCharToMultiByte
GetStdHandle
LoadLibraryW
GetStartupInfoA
GetFileType
lstrlenW
GetTickCount
GetOEMCP
LeaveCriticalSection
InitializeCriticalSection
GetCPInfo
RaiseException
GetCurrentProcessId

gdi32

GetTextExtentPointA
GetTextMetricsA
GetDeviceCaps
DeleteObject
SelectObject
CreateFontIndirectA

msimg32

AlphaBlend
TransparentBlt

ole32

CoGetMalloc
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ