4508e91b71580478c9de707753ff2e96 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4508e91b71580478c9de707753ff2e96
Size

717KB
MD5

4508e91b71580478c9de707753ff2e96
SHA1

516e0b6831445451e7a487f0c23002b82b09ba8a
SHA256

4a73566ad5d34c58176618a86a0ac48ce01b7ce97530d5861dcd28963132e154
SHA512

91a20a9221434a88335af7c8db277d03d778eb2e20e48bc8a1669eaec33ffdecc7f8644e11b0dda001d69b1f4063c235277e74a2476f0091122da92b328c0ca0
SSDEEP

12288:KUqxSEDT5n4GhQn8LnzB4XG0wBtuycNTpvWLQ8c9GwtW8rsxyC3fpQB:OkyTyxnSN4XG00tsL+LQ8cswQwsYC3hS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4508e91b71580478c9de707753ff2e96

Files

4508e91b71580478c9de707753ff2e96
.exe windows:4 windows x86 arch:x86

a05f46756ff0bf657ddfc6e19e141bb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
ResetEvent
CompareFileTime
CloseHandle
GetProfileIntA
VirtualProtect
lstrlenA
FindAtomA
GetACP
LoadLibraryExA
SetEvent
GetAtomNameA
HeapReAlloc
GetConsoleCP
GetVersion
HeapWalk
InterlockedExchange
WaitForSingleObject
TlsFree
GlobalUnlock
GetTickCount

user32

EqualRect
ScrollDC
InflateRect
MessageBoxA
GetMenu
GetWindowLongA
DispatchMessageA
PostQuitMessage
GetKeyboardLayout
SetPropA
DialogBoxParamA
PostMessageA
LoadIconA
SetSysColors
GetParent
DestroyMenu
SetWindowPos
InsertMenuA
CopyRect
GetWindowTextA
ModifyMenuA
ShowWindow
UpdateWindow
GetSubMenu
EnableScrollBar
GetScrollRange
GetMenuStringA
TranslateMessage
GetDlgItem

msi

MsiEnumProductsA
MsiCloseHandle
MsiEnumClientsA
MsiGetMode
MsiDoActionA

uxtheme

GetThemeBool

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ