4fcdc161f47e605c159634d1abff1bc8 | Triage

Sharing

General

Target

4fcdc161f47e605c159634d1abff1bc8
Size

167KB
MD5

4fcdc161f47e605c159634d1abff1bc8
SHA1

348d35f1afa55acdb05457c5f2a8ea7e680ec187
SHA256

c18bf104033c86ff23a3b73f8c6cac1226fa74b4ff75aa9d27e3ff34f6477123
SHA512

d4211b3227da780a7300f39dd88d2688687057d1801d617bcc8499ec2417771912152675bc25877007636e1da7539a7a5982f41d82e987d0875274bbf3231cd1
SSDEEP

3072:DPZfGFmCCALbL96AcUYRBSdJJHowiOiSMpm+g49dfv:DP36b9bcU8BEH4WMpyO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4fcdc161f47e605c159634d1abff1bc8

Files

4fcdc161f47e605c159634d1abff1bc8
.exe windows:4 windows x86 arch:x86

9b45bdba09fdb26b89f7030e7f5d68d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePalette
CreateDIBitmap
RestoreDC
CreateDIBSection
CreateCompatibleDC
CreateBitmap

user32

GetCursor
DrawTextA
GetFocus
IsChild
WindowFromPoint
GetKeyboardLayoutNameA
SetMenuItemInfoA

version

VerQueryValueA
VerInstallFileA

kernel32

MoveFileA
FindClose
HeapAlloc
GetCommandLineA
WriteFile
SetLastError
CloseHandle
LocalFree
GetProcAddress
GetFileType
GlobalAlloc
SetErrorMode
LocalAlloc
EnumCalendarInfoA
VirtualAlloc
EnterCriticalSection
lstrlenA
GetVersionExA
ExitProcess
GetModuleHandleA
lstrcmpA
GetVersion
SetFilePointer
GetStartupInfoA

comdlg32

GetSaveFileNameA

shell32

SHGetSpecialFolderLocation

comctl32

ImageList_Destroy
ImageList_Read
ImageList_DrawEx
ImageList_GetBkColor

Sections

CODE
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ