4fa6c1c17e7c1296d9eef7676b948c46 | Triage

Sharing

General

Target

4fa6c1c17e7c1296d9eef7676b948c46
Size

75KB
MD5

4fa6c1c17e7c1296d9eef7676b948c46
SHA1

27bdc174fa02ff18f4d5bafd622d46fdb9bd1b3f
SHA256

02d1aed87366355321948056b3b3ebeb32b12d4db7423bae8b31d174d72d4da8
SHA512

e5fa924db2facf47cd8ea14878c51be73dd81311d67aea05c3c5106817763e50d3d60667987ab76f98f6a0c2378c443fc99a4e526e093e81693548b282604d81
SSDEEP

1536:RGjac6lUu4sjBS28Ck89bcRobapREOm9FbOBWVe/bEw3BWF17xwhHKnLB8NhZg/3:RG+baBL30F11whqnNz/OB/q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4fa6c1c17e7c1296d9eef7676b948c46

Files

4fa6c1c17e7c1296d9eef7676b948c46
.exe windows:5 windows x86 arch:x86

61f9a3099fb9a61800247bc0074d5f89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesW
GetTickCount
GetEnvironmentVariableW
MapViewOfFile
ReadFile
GetCurrentDirectoryW
GetModuleHandleA
HeapFree
IsBadReadPtr
FindAtomW
SuspendThread
RemoveDirectoryA
SetLastError
GetFileTime
ExitProcess
DeleteFileW
EnterCriticalSection
WaitForSingleObject
HeapCreate
GetFileAttributesA
GetCommandLineW
GetFileType
SetLastError
Sleep
CloseHandle

uxtheme

DrawThemeEdge
OpenThemeData
IsThemeActive
GetThemeColor
CloseThemeData
DrawThemeBackground
GetThemeTextExtent
GetThemeTextMetrics
GetThemeEnumValue
SetWindowTheme
GetThemeBool
GetWindowTheme
CloseThemeData

cmpbk32

PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE