4ca2f66a12a07157a5b069cd1293fa98 | Triage

Sharing

General

Target

4ca2f66a12a07157a5b069cd1293fa98
Size

20KB
MD5

4ca2f66a12a07157a5b069cd1293fa98
SHA1

834bc5b6dcb47a0da7d36f8b808a3edb23688213
SHA256

94680b659be510171f8d8ac021ec4992a7f65a0ed2346e2affbb0b3cdfed6a91
SHA512

52d88bcc9691d6f61c8b44159153755ac39e3ea27d28f47d393749220464f8cfc8de96137dda89278a91471167f8ba9f2f66fff59c246a678309cdb7452ca702
SSDEEP

384:QkjkQ4IWeMzuG2QjrTokDCOum1nWd4S5ERm20MBL9nrN7q:QuD7/cdnToKCMnWdpcm2bBL9rN2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ca2f66a12a07157a5b069cd1293fa98

Files

4ca2f66a12a07157a5b069cd1293fa98
.exe windows:4 windows x86 arch:x86

4ffc88b9a3956d9d4761a41268f20e75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
GetPrivateProfileSectionNamesA
lstrcmpW
FindFirstFileExA
GetAtomNameA
GetCurrencyFormatA

user32

GetWindowLongA
SetClassLongA
LoadMenuIndirectA
LoadKeyboardLayoutW
CreateDialogIndirectParamA
ChangeDisplaySettingsW

gdi32

PolyTextOutA
AddFontResourceExW
GetEnhMetaFileDescriptionA
CreateICA
CreateFontIndirectA
RemoveFontResourceW
CreateFontA
GetGlyphOutlineA

Sections

.��
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fasm
Size: 13KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fasm
Size: 1024B - Virtual size: 906B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ