11a4a4c609e747ba6922ed9286fd30d4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11a4a4c609e747ba6922ed9286fd30d4
Size

451KB
MD5

11a4a4c609e747ba6922ed9286fd30d4
SHA1

8f3d71fc15fc30fe71d15c21d2e2a869e63ea68c
SHA256

27afe82d9170cacdd334326f13b858e00b098b086a50e4d59ce8d0c1e54c31d3
SHA512

02dbe25eab1253c130375ac2ef763a42c14f093ef4c34170df903353d052318c0425ce32b344277973682942c5dce641433e2faeb8c150714f19b7617933f0d3
SSDEEP

12288:Ml68I5GHwWCwLqlBzfv9/kUlq6LXe3bndb:3TDWZL+z3hvTM1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11a4a4c609e747ba6922ed9286fd30d4

Files

11a4a4c609e747ba6922ed9286fd30d4
.exe windows:5 windows x86 arch:x86

018576c083a7e59d6a6fd95988f6cd4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
DeleteAtom
HeapFree
RemoveDirectoryA
GetCurrentDirectoryW
GetModuleFileNameA
CreateDirectoryA
RemoveDirectoryA
CreatePipe
WaitForMultipleObjects
GetCurrentThreadId
HeapCreate
GetFileType
FatalExit
ClearCommBreak
CloseHandle
GetDriveTypeW
AddAtomA
lstrlenW
Beep
GetModuleHandleA
IsBadWritePtr
WriteFile
CreateSemaphoreA
GetCommandLineA

cryptui

WizardFree
LocalEnroll
CryptUIStartCertMgr
CryptUIWizBuildCTL
CryptUIWizDigitalSign
LocalEnrollNoDS
CryptUIDlgFreeCAContext
DllUnregisterServer
CryptUIDlgViewContext
WizardFree
CryptUIWizImport
DllRegisterServer
CryptUIWizExport

iyuv_32

AboutDialogProc
AboutDialogProc
AboutDialogProc
AboutDialogProc

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE