4f2ea2a54294a2f5be716e0cf676b218 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f2ea2a54294a2f5be716e0cf676b218
Size

747KB
MD5

4f2ea2a54294a2f5be716e0cf676b218
SHA1

2878e9035c535d2a0832967e1d5cc882c046d7b7
SHA256

39a90619ec1b617fdb5f5637225d8d410b9dafa765b3b40e06f8bfa892be0387
SHA512

aed0652c10d0d05ac607cd896d8178c8041221ddd971758d14ac3184768f0816785682db5b2949705c64d94a00ba4d6db422498502b99f6caad87fc0dc288606
SSDEEP

12288:VtV3CKqWntu2aSdGctKAb21AG2P+mvoKNftEZXRi3b5EzaDsd8mY31uOb9HNXIu6:jVyKqWntuzSdrK421v2PjvXxOssd8m6g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f2ea2a54294a2f5be716e0cf676b218

Files

4f2ea2a54294a2f5be716e0cf676b218
.exe windows:5 windows x86 arch:x86

12bedc66bb144befb402a6d2849a51d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetCurrentThreadId
GetModuleHandleA
lstrlenW
CancelIo
GetStdHandle
CloseHandle
GetFileAttributesW
HeapCreate
CreateDirectoryA
FindClose
Beep
GetDriveTypeA
IsBadWritePtr
HeapFree
CreatePipe
CreateSemaphoreA
GetCommandLineA
WaitForMultipleObjects
GetStdHandle
GlobalSize
GetCurrentDirectoryW
GetFileType
GetModuleFileNameA
ExitThread

uxtheme

GetWindowTheme
DrawThemeBackground
GetThemeColor
GetThemeBool
SetWindowTheme
GetThemeTextExtent
CloseThemeData
DrawThemeEdge
CloseThemeData
GetThemeTextMetrics
IsThemeActive
GetThemeSysSize
OpenThemeData

iaspolcy

DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE