4e249df63c690628ab6643050942f992 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e249df63c690628ab6643050942f992
Size

163KB
MD5

4e249df63c690628ab6643050942f992
SHA1

1c0dfe7bd81f98f9c54bd33c044605652c24723c
SHA256

9e42982eeeff953528ff065090924e5c4832b9fd1d453d9bb484bf9a9a2fe068
SHA512

ca7ab2e4e7866f9ac8dcf21cfa8de2847723645041167663a1545c4d63ee8a632008ce3e28fc4a75f6e01dbe95f1a6ba877a13f09cf652d15b50fc28e126ddad
SSDEEP

1536:XyGY1aDUe1OF2E8ElIC0SozT+UCNOUJoWtoE2duOCBHu2tuEy+bA3GHcY6Id15TU:CiDUdgQu6OKoQoEnHTxczm13cd3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e249df63c690628ab6643050942f992

Files

4e249df63c690628ab6643050942f992
.exe windows:4 windows x86 arch:x86

9f3ea5ba5a05fff29982c49467fc14e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FindResourceA
GetProcAddress
GetThreadContext
Sleep
SetStdHandle
ReadFile
SetFilePointer
FlushFileBuffers
GetLastError
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetStringTypeA
GetStringTypeW
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
CloseHandle

user32

GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
MessageBoxA
PeekMessageA

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ