4a2a1301a8d125812e0880b8ba47074a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a2a1301a8d125812e0880b8ba47074a
Size

124KB
MD5

4a2a1301a8d125812e0880b8ba47074a
SHA1

f02a4b2a54799fd7e63c989903a8453e6f03dc2f
SHA256

c6e910d74c76cd5c20b2c8553c1403b371c58bf8e290e72808c296989b9599c8
SHA512

0508ec9d83d85e754359cc19c67309c5176a8b70b3c70bebc06242791bdf8a622d6b0249a06afb537e442085e39a8a447ff54569daa44ee24a6a46949822b8a8
SSDEEP

3072:9QO+7H8nru/hV/Q4PYFCt4lPqhysm3LAogcI:uh7+rghV5Pj4MysaUojI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a2a1301a8d125812e0880b8ba47074a

Files

4a2a1301a8d125812e0880b8ba47074a
.exe windows:4 windows x86 arch:x86

1b149eb22fa5bc790851042fb18e76d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

NlsGetCacheUpdateCount
GetProcessWorkingSetSize
SetCommTimeouts
InvalidateConsoleDIBits
GetProcAddress
NlsConvertIntegerToString
SetConsoleCursorMode
GetCurrentConsoleFont
EnterCriticalSection
lstrcmpA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

rc60
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rc61
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

rc62
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

rc63
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ