4678b2491f8ba5c6ded22944aa32e06c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4678b2491f8ba5c6ded22944aa32e06c
Size

71KB
MD5

4678b2491f8ba5c6ded22944aa32e06c
SHA1

961d7d18bd62f48186041b258c67f302d910e218
SHA256

00d49181894f11960690470edaa487d3e7221c3d772214525b3c2e09e7772492
SHA512

a9a23ddbda4261a343904ca43b1c3d9909dee7785a1851f5158f3448b6ff7e044fededc70343df85973b3fe69976c139a897757dded94d7a1283128d487d1825
SSDEEP

1536:c81apEz96gmzOwfheEnFgo89vmlppJWIWyKFKk6T2:Zop49/aO6xFgo89vmlppJArZ6T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4678b2491f8ba5c6ded22944aa32e06c

Files

4678b2491f8ba5c6ded22944aa32e06c
.exe windows:4 windows x86 arch:x86

458a3c2b9d387e504924f2a4fd8468d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
LCMapStringA
MultiByteToWideChar
lstrcatA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
SetFilePointer
LCMapStringW
GetCPInfo
SetHandleCount
CreateFileA
GetVersion
GetModuleFileNameA
GetOEMCP
GetStdHandle
lstrcpyA
GetACP
GetCommandLineA
GetStringTypeA
lstrcpynW
lstrcpynA
GetFileType
GetStringTypeW

user32

DrawTextW
GetCursor
GetFocus
DialogBoxParamW
InsertMenuA
CopyIcon
CopyRect
DialogBoxParamA
CloseWindow
IsMenu
LoadMenuA
CopyImage
DrawIconEx
DrawIcon
GetDlgItem
CreateIcon
DrawTextA
GetWindowTextLengthA
LoadCursorA
GetDC
GetWindowTextA
EndDialog
IsWindow

comctl32

DrawStatusText
ImageList_EndDrag
ImageList_AddIcon
ImageList_Create
ImageList_Add
CreateToolbarEx
ImageList_Destroy
CreateStatusWindowW
CreateToolbar
MenuHelp
CreateUpDownControl
CreateStatusWindow

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 18.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ