4032b3de3fd850d651b88a9548722eef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4032b3de3fd850d651b88a9548722eef
Size

152KB
MD5

4032b3de3fd850d651b88a9548722eef
SHA1

17c09f49fb994dd2ba22d8dee2e78ee421ddfb55
SHA256

21b4f9a124b43e01703134e7d839c5d56585059e1f1970e4523f3f4bf9d66e7b
SHA512

c62c0f626087b6bba5e6c9fa118afc815f374c79bf31eea5d0fd1ba6492aff18bdf8cce16a8f172b3efc13ebe300b1a6ab68d2693855c8cb6b1f3198b9ceb3c1
SSDEEP

3072:pfYRJLiRChkUbxoBdIClZMBDy3mFYy2g5BdmZuriVPSkm0yau:pA/WRCfoRlWFy3JkIZurid8f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4032b3de3fd850d651b88a9548722eef

Files

4032b3de3fd850d651b88a9548722eef
.dll windows:4 windows x86 arch:x86

efdc86a460a2e1becde3779038954191

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MoveFileWithProgressA
WritePrivateProfileStructA
GlobalMemoryStatusEx
LCMapStringA
SetComputerNameExA
GetComPlusPackageInstallStatus
GetDllDirectoryA
CreateFileA
VirtualAllocEx
ResumeThread
GetConsoleWindow
RaiseException
ReadConsoleA
SetEvent
ReadConsoleOutputCharacterA
WritePrivateProfileStringA
LoadLibraryExW
GetProcessShutdownParameters
GetPrivateProfileIntA
ResetEvent
GetConsoleCursorMode
CancelWaitableTimer
HeapCreate
CommConfigDialogA
ReadConsoleInputA
FlushViewOfFile
EscapeCommFunction
Sleep
GetWindowsDirectoryA

wininet

FtpRemoveDirectoryW
ResumeSuspendedDownload
InternetUnlockRequestFile
InternetGetConnectedStateExA
InternetQueryDataAvailable
FtpSetCurrentDirectoryW
InternetCrackUrlA
FtpSetCurrentDirectoryW

Exports

Exports

SetAkesjaltgqh
AddNemlkllhuw
OpenBcoukceep
Wdsevpchkfr
GetVaoyyqdqn
Cjtlxbb
Fjgjcegh
GetQqxifbbswvo

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 140KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ