4108dc09c83cd2e49fe692d1af9e2ad8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4108dc09c83cd2e49fe692d1af9e2ad8
Size

401KB
MD5

4108dc09c83cd2e49fe692d1af9e2ad8
SHA1

7362d328ab69c58911c0ede56f5a80495b7db506
SHA256

654be8019c578921b9dae72b0a7914b7dfb2f138060a421581517d76b0e104c8
SHA512

7ba333beabff0ea294810a5a087f970f07da89f220e5c3871798f1f718a2eebcd500555ba4c32f27cc6c61215843198799fad39f8ae5a4e5545b135e937ad61b
SSDEEP

12288:tHtXTFaiVMVkL3cGFY28xmRe35rWwoRnXrtF7:7kU0Zc7nX/7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4108dc09c83cd2e49fe692d1af9e2ad8

Files

4108dc09c83cd2e49fe692d1af9e2ad8
.exe windows:4 windows x86 arch:x86

cbf0674cfde81da7b525afdf8aced306

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
SetComputerNameA
GetModuleFileNameA
GetProcAddress
VirtualAlloc
HeapReAlloc
ContinueDebugEvent
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapAlloc
SetConsoleTextAttribute
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleA
GetCurrentDirectoryA
GlobalFlags
SetCurrentDirectoryW
InterlockedExchange
RtlUnwind
OpenFileMappingW
QueryPerformanceCounter
VirtualQuery
LoadLibraryA
ConvertDefaultLocale
EnumDateFormatsExW
ReadConsoleInputA
lstrcpyA
ExitProcess
GetTickCount
SetSystemTime

user32

DlgDirListW
DlgDirSelectComboBoxExW
VkKeyScanExA
SetWindowContextHelpId

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ