41415fb859c265d55ee12a5a02c99c4e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41415fb859c265d55ee12a5a02c99c4e
Size

120KB
MD5

41415fb859c265d55ee12a5a02c99c4e
SHA1

b785d00495314fb970198325fde9704f228a824a
SHA256

d3ab4a4c4d5763d07fcfa4d62765986992c1fc03986ae2e8983fa0db0af60c39
SHA512

2db96a5fb6af0ea9858a4a518eb6f2e57ec31b761e72762406bf7ab9b7cf0ec90eadc92bb261a0e970393380aaf662957cc7740d5c05fcbfbc9d1af2b335c11c
SSDEEP

3072:VyPiYtBIh8jc4Sye8ygDivgSVyqAzQXMxMxPM:0aYtc88MLTS6/x4M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41415fb859c265d55ee12a5a02c99c4e

Files

41415fb859c265d55ee12a5a02c99c4e
.exe windows:4 windows x86 arch:x86

96038bb773c15b662077140ddd20f790

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgOpenStorage
CoCreateInstance
CoFileTimeNow
CoUninitialize
CoInitialize

occache

FindControlClose

shell32

SHGetSpecialFolderPathW
ShellExecuteExW

kernel32

LockResource
LockResource
MapViewOfFile
GetModuleFileNameA
GetTempPathA
SetEndOfFile
ReadFile
SetFilePointer
FindNextFileA
CreateFileA
EnumResourceNamesW
VirtualQueryEx
SizeofResource
GetSystemInfo
CreateFileMappingW
ExitProcess
FindFirstFileA
FindClose
UnmapViewOfFile
GetFileAttributesA
FindResourceW
GetCurrentProcess
CloseHandle

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ