4ff47926085be740ea0454e4da552941 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ff47926085be740ea0454e4da552941
Size

119KB
MD5

4ff47926085be740ea0454e4da552941
SHA1

3cb55af55f5f9d748cb98b2ed137e73f31205ddf
SHA256

6269bfa8a782e26616df7fb8fc227870584c962038f74c92f203187ac17c4ee4
SHA512

edfaeebb9347807b7c73b38022ccaa2c314ba4288dc0a227d47c8a11c93eeffda2c2145c42dade227ddb5e44e9b4f7f2651a389c8f588d1060e10622b48f3153
SSDEEP

1536:To9VHFsSzwERq6TNK9tT3cOORqyR8KAs:Tc5FsSzw16B07cOOL8KAs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ff47926085be740ea0454e4da552941

Files

4ff47926085be740ea0454e4da552941
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

ud$xbV
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ