4899bbafd704b849fc73cce025b5d48a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4899bbafd704b849fc73cce025b5d48a
Size

118KB
MD5

4899bbafd704b849fc73cce025b5d48a
SHA1

63f4a7407e41b16f0728d9f95497a9dcc00b9eb5
SHA256

dd0fdef726424b2efe152ed0f5fff6663542012630bf97c68ade625e7722b12d
SHA512

80886b264df633d60f3efdf09ae21bcd73ac66ea5f04dc1d404e5f827f8152adab74e414b0f96fe456beb2d1e2a68779c9b96ed9e91cad1d20aa2452eb05cd89
SSDEEP

3072:eZPOmaEnl8xxufnbGu0S9KSRUdF9PA8uo4V:en7nm0KuPwRdvf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4899bbafd704b849fc73cce025b5d48a

Files

4899bbafd704b849fc73cce025b5d48a
.exe windows:5 windows x86 arch:x86

88be2079b9213c9640cc6f205d8edd0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
CopyFileA
QueryPerformanceCounter
lstrcmpA
GlobalFindAtomA
RemoveDirectoryA
lstrcmpiW
lstrlenA
DeleteFileA
GetCommandLineA
lstrlenW
RemoveDirectoryW
FindClose
GetModuleHandleA
lstrcmpiA
GetSystemTime
VirtualAlloc
VirtualFree

user32

GetSystemMetrics
GetDC
CharNextA
GetDesktopWindow
TranslateMessage
GetParent

gdi32

GetDeviceCaps
RestoreDC
RectVisible
SelectObject
SetTextAlign
CreateSolidBrush
GetClipBox
SetMapMode
CreatePalette
GetStockObject
SelectPalette
SetStretchBltMode
LineTo
GetPixel
CreateCompatibleDC
GetTextMetricsA
SaveDC
DeleteObject

glu32

gluNurbsCallback

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ