0476d722498cbd17494a0d83431ee3e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0476d722498cbd17494a0d83431ee3e4
Size

52KB
MD5

0476d722498cbd17494a0d83431ee3e4
SHA1

4c919ab053b3401c8636226c14e9ef18fe4d386b
SHA256

a4980c9d88696c37e9433cf5ea88ecca680d0182166483dab6a9508c4b4413da
SHA512

215f8a4ba6806f75ac2aa65717970615e91b5c4a11a11c13c54ece8bbe5a974407409a96ce96d61a3070d54b4d9652b66e9f26c8c0de117e88f48fb28ab28777
SSDEEP

1536:MGdB+fZOthl+jbG5wYT+mbnS0PSy6rt6W:MGsZOtoUwYT+mbnS0PSZB6W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0476d722498cbd17494a0d83431ee3e4

Files

0476d722498cbd17494a0d83431ee3e4
.exe windows:4 windows x86 arch:x86

77a6ea19d959c2210ed08c8a2dd61c24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
SetThreadPriority
LockResource
GetUserDefaultLangID
FindFirstChangeNotificationW
FindResourceExW
LoadLibraryA
WideCharToMultiByte
GetFileAttributesExW
WaitForMultipleObjects
GetVersion
GetLocalTime
ResumeThread
FindNextChangeNotification
GetLastError
InterlockedIncrement
GetCurrentThread
GetModuleFileNameW
VirtualFree
SizeofResource
GlobalAddAtomW
SetEvent
GetFileSize

user32

SetLayeredWindowAttributes
SendDlgItemMessageW
LoadCursorW
DefWindowProcW
TrackPopupMenu
GetCursorPos
LoadStringW
IsDlgButtonChecked
SetCursor
DispatchMessageW
DestroyMenu
wsprintfW
PostQuitMessage
SetForegroundWindow
CreatePopupMenu
DrawTextW
VkKeyScanW
ReleaseDC

gdi32

CreateFontIndirectW
SetDIBits
CreateCompatibleBitmap
CreateSolidBrush
DPtoLP
CreatePen
SelectObject
SetTextColor
CreateBitmap

advapi32

LookupAccountSidW
RegQueryValueExW
StartServiceW
RegSetValueExW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE