4cc63bae233e5be54ee6ac6e8eb430f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cc63bae233e5be54ee6ac6e8eb430f4
Size

44KB
MD5

4cc63bae233e5be54ee6ac6e8eb430f4
SHA1

6d10a87bbaf1485c37e1783c9f8e14f5bda12fa1
SHA256

95e6ea9b37ca28dde21e7b9f2880d6b4b84614620adce024aec4e7135cec2c07
SHA512

21f130be0e02dab79e51f851b2106c494c9765a4d6407ee886488025a6a0c9c99c54c4ad203f96d89c687c2c30b78766cd0109c250cd63ed608a27b37cb42174
SSDEEP

768:qhy8HOroBgNQj9lCcKFDPxHEAkQprIY8uof31meZYe6H+4o/t5+s:qxura32c6DPKgIYvwAe2eFZtJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cc63bae233e5be54ee6ac6e8eb430f4

Files

4cc63bae233e5be54ee6ac6e8eb430f4
.exe windows:4 windows x86 arch:x86

ef13c33ec7803788cdba877374c3c803

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateThread
DeleteFileA
CloseHandle
ExitProcess
CreateFileA
GetLastError
GetTickCount
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
WriteFile
FreeLibrary
LCMapStringW
LCMapStringA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
HeapReAlloc
SetFilePointer
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers

advapi32

RegCloseKey
GetUserNameA
RegDeleteValueA

wsock32

htons

Sections

Size: 24KB - Virtual size: 22KB

IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2KB

IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 16KB

IMAGE_SCN_MEM_WRITE

Size: 257B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE