4eb4974050d67eb7342ba1311336e8ec

General

Target

4eb4974050d67eb7342ba1311336e8ec
Size

112KB
MD5

4eb4974050d67eb7342ba1311336e8ec
SHA1

0b3648890b9c22ef49039d6e9da63f7306e25d9d
SHA256

a45f63048c1286f730b3fd7311b82443258d117cf0d7c01806370d30896338fc
SHA512

a9725bd8be8c528b786d7e216c3e0a92cc86e08c2e0b9912ddba62341dfa639654e616b651d2a2da12b612856369d96e856fb060cc90b1a4e65c0babda0681af
SSDEEP

1536:7tBOG711QVPrYmFiYm7t1oYSwIMtlVUvzl3o:yBF5m7t1o/8vUvZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4eb4974050d67eb7342ba1311336e8ec

Files

4eb4974050d67eb7342ba1311336e8ec
.exe windows:4 windows x86 arch:x86

139e9625a6adb4af07d81f1f32380afb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
GetVersionExA
GetEnvironmentVariableA
SetEnvironmentVariableA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
GetLastError
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetCommandLineA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapFree
WriteFile
CloseHandle
GetModuleFileNameA
CompareStringW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetFullPathNameA
GetCurrentDirectoryA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetACP
RtlUnwind
SetFilePointer
FlushFileBuffers
SetStdHandle
ReadFile
GetCPInfo
GetOEMCP
GetTimeZoneInformation
GetProcAddress
LoadLibraryA
SetEndOfFile
CompareStringA

version

GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

139e9625a6adb4af07d81f1f32380afb

Headers

File Characteristics

Imports

kernel32

version

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 1.1MB

.rsrc Size: 4KB - Virtual size: 1KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 1.1MB

.rsrc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 40KB - Virtual size: 40KB