471121c4b428654e1e0fe9185d980e28 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

471121c4b428654e1e0fe9185d980e28
Size

95KB
MD5

471121c4b428654e1e0fe9185d980e28
SHA1

7a232ac433fdbaeb0871fe782e0dc3802b5f5d3d
SHA256

d84642e0761967e9ff50e23d2a904e3d9df9eac62570bc52ea97cb4828b8398b
SHA512

02b9785108e82f6ca0ffb1fa5adde90c6d24636d5f05dd400d1ae8cc737ff8e64c2f29db892e1b85f7388be0b6dd4a45b28af99dfb904b1b1c0d0ba41889cf11
SSDEEP

1536:K30NQP+2vf5NqNaDujPiHq7PIqm/3oRxIVC/5mpsLiaDpe/oIeWbLJWybLOpTCH:5QPfOjaoNRyVC/5uawojSLJJgTk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
471121c4b428654e1e0fe9185d980e28

Files

471121c4b428654e1e0fe9185d980e28
.exe windows:4 windows x86 arch:x86

3d9149bda6e9e687a51edd1fdfb56d44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
strlen
_strnicmp
strncmp
strncpy
strcpy
strcat
localtime
mktime
gmtime

user32

wsprintfA
wvsprintfA

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

kernel32

GetModuleHandleA
GetCommandLineA
ExitProcess
HeapCreate
GetModuleFileNameA
GetSystemDirectoryA
SystemTimeToFileTime
GetFileAttributesA
SetFileAttributesA
CreateFileA
SetFileTime
CloseHandle
GetFileTime
GetEnvironmentVariableA
GetCurrentDirectoryA
HeapDestroy
HeapAlloc
HeapFree
WaitForSingleObject
Sleep
GetTickCount
HeapReAlloc
FindClose
FindFirstFileA
FindNextFileA
ReadFile
SetFilePointer
GetFileSize
WriteFile
GetLocalTime

shell32

ShellExecuteExA

Sections

.avp
Size: 91KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE