4ebce4986ee3cd708a7b991b11e9d017 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ebce4986ee3cd708a7b991b11e9d017
Size

164KB
MD5

4ebce4986ee3cd708a7b991b11e9d017
SHA1

46624bb53f2d6709d3763238b08483b825134e7e
SHA256

e19b89632602f16b8f591c7ad510c603712506baa16693121943ca93476c9200
SHA512

ca15d0c752e58f7488674dc921b64502ff997353a4790a91ee55148e571dcd6bcf255bc008348f16f8bc04b5ad7c227b31822d3adea1a647c5ba24c1c890d18c
SSDEEP

3072:Cmbrt3nbZQ6GFXcn0VIQwwrnH7VM1Rw7Lrgiua8LdN6YPpUTXfa:Dxb+FN4kfwunH7V20938ZwtTP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ebce4986ee3cd708a7b991b11e9d017

Files

4ebce4986ee3cd708a7b991b11e9d017
.exe windows:4 windows x86 arch:x86

14326ef8796a2e6da1618f76854cd54a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

SetCapture
RealGetWindowClassA
FlashWindow
ValidateRect
ExcludeUpdateRgn
IsWindowEnabled
ValidateRgn
GetCapture
EnableWindow
IsWindow
DestroyWindow
InvalidateRgn
ReleaseCapture
UpdateWindow
GetUpdateRgn

kernel32

FindClose
CreateFiberEx
GetLocalTime
FindFirstFileW
LocalFileTimeToFileTime
SetCurrentDirectoryW
FindResourceW
SetThreadAffinityMask
LocalFree
CompareStringA
GetStringTypeW
FreeLibrary
SetEnvironmentVariableW
LCMapStringW
EnumResourceNamesW
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FindNextFileW
SetThreadPriority
GetShortPathNameW
SetErrorMode
LoadResource
GetCurrentProcess
IsBadReadPtr
GetSystemDirectoryW
LocalAlloc
GetOEMCP
SearchPathW

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ