4478e9e691e2694b6ddd85de83ef0eb5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4478e9e691e2694b6ddd85de83ef0eb5
Size

30KB
MD5

4478e9e691e2694b6ddd85de83ef0eb5
SHA1

9ff3f5cc7c504f9ce0aa05394b5742986efd25da
SHA256

106f20bd13a62adea055ebe2f1becf364415efc82b8d7a77ace012290c7a66ff
SHA512

fd8af8d5b68f69a5a610ab79b0aa8a1a0ddbe218ee59eb6ee679016fd3943c9800a32bc2980a1cf2b497ea05e4489d591716f2a5d46e2b9b6cf9f1ed4d9cbbf9
SSDEEP

768:s4s9FnjgwCKJFFtxkpoGYDlogOmnMbcP1YKWsf:s4sbnjzPDEohimnMW1nWsf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4478e9e691e2694b6ddd85de83ef0eb5

Files

4478e9e691e2694b6ddd85de83ef0eb5
.exe windows:4 windows x86 arch:x86

05d3865d55c623dd54e6b4b03f3b519d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DnsHostnameToComputerNameA
FatalAppExitA
UpdateResourceA
AreFileApisANSI
QueryPerformanceCounter
GetOverlappedResult
MultiByteToWideChar
SetLastError
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

text
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: 22KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 1KB - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ