4154ab977f4ffdbc41047e20d3eff94f | Triage

Sharing

General

Target

4154ab977f4ffdbc41047e20d3eff94f
Size

375KB
MD5

4154ab977f4ffdbc41047e20d3eff94f
SHA1

81ed0997e7b2d598c4a86b26544d9fe6e3f11678
SHA256

f6efa6beb48f15626a65f0c40d8de9500a569d10f6955ed9f15afc9a604a3138
SHA512

986c447d30efd64e90b0ff63cec8ef855989410ec6b1c76a56ac1a674c894b1e1f215709587b88a1b754106abe23e11a700909293f1e8e9bc529538237d46680
SSDEEP

6144:dVXGYtc7MowT2eFdOywz7HUIAo92MG5uSa9kMFgjKZCyLgNwP91fCkUOxKrNLLAJ:1OAowRFd/wP08AMG5uPzFgjm9LgK9KVG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4154ab977f4ffdbc41047e20d3eff94f

Files

4154ab977f4ffdbc41047e20d3eff94f
.exe windows:4 windows x86 arch:x86

a1c275c2b8faa0ea0fa02b4ea51860b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
lstrlenA
lstrcatA
Sleep
SetLastError
CloseHandle
SetEvent
UnmapViewOfFile
CreateFileA
LocalUnlock
HeapCreate
LoadLibraryW
GetCurrentDirectoryA
CreateThread
GetComputerNameA
LocalFree
PulseEvent
GetSystemTime
GetCommandLineW
GetModuleHandleA

user32

DrawMenuBar
CallWindowProcA
IsWindow
CreateWindowExA
DrawEdge
GetDlgItem
GetDC
FillRect
DispatchMessageA
GetScrollBarInfo
CheckRadioButton
SetFocus
GetKeyState

clbcatq

CheckMemoryGates
UpdateFromAppChange
DowngradeAPL
SetupOpen
SetSetupOpen

timedate.cpl

CPlApplet

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 764KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ