4539d905ec13b4f565ff7cf37b79fde6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4539d905ec13b4f565ff7cf37b79fde6
Size

233KB
MD5

4539d905ec13b4f565ff7cf37b79fde6
SHA1

d944610683ae14a7a6d8be9c8cb3c366d5b12404
SHA256

bb14d20e9ce3f34ca2e7623391989badfbaaa93abcbc6384d9ee3cd76d3ab449
SHA512

a58be351b046410abcf3bff267d279118ae93d04f86ac3f75a91fd213a17e995bb0b72a3b337036ff24641db94c9cce477b106404b0f646df21d74877d50dc52
SSDEEP

6144:CHoorzIh3H8OW0PDdd292mVNWskM2RB5GK:CHoorI3cOWoBs92WkM2RB5GK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4539d905ec13b4f565ff7cf37b79fde6

Files

4539d905ec13b4f565ff7cf37b79fde6
.exe windows:4 windows x86 arch:x86

0dc6250be3cb1f1dee8ab7028d64db9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyA
RegEnumValueA

kernel32

SetHandleCount
GetCommandLineW
GetCommandLineA
ExitThread
lstrlenA
lstrlenW
GetProcAddress
InitializeCriticalSection
GetModuleHandleA
ReadFile
VirtualAlloc
LoadLibraryA
GetStdHandle
lstrcpynA
ExitProcess
GetStringTypeW
GetStringTypeA
GetLastError
WaitForSingleObject

shell32

SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFolderPathA

comdlg32

ChooseColorA
GetOpenFileNameA
FindTextA
GetFileTitleA

version

VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoSizeA

gdi32

CreateCompatibleDC
GetPaletteEntries
LineTo
CreateDIBSection

Sections

CODE
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 665B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ