4a61ca6334783c85f5261248aa9f5e87 | Triage

Sharing

General

Target

4a61ca6334783c85f5261248aa9f5e87
Size

12KB
MD5

4a61ca6334783c85f5261248aa9f5e87
SHA1

d58958581da5d921e75d4363bf07b8f5379baacc
SHA256

30f5d6c170e38ace0537092caddf08a2a39139ea636d82a18266ab7b5f111731
SHA512

41ab818586ffd4df8b30b551dc00485fac40736fd7a6e76188f9c2ba05afbd63e6185af27e1b06b97e4718e9aec0ab89846debcd13b69df474dd1859472185a8
SSDEEP

384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjKkFlplVDuyY:v+dAURFxna4QAPQlYgkFlplVDuyY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a61ca6334783c85f5261248aa9f5e87

Files

4a61ca6334783c85f5261248aa9f5e87
.exe windows:4 windows x86 arch:x86

cc40fefa3af5cd00cc28dbd874038a4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileW
DeleteFileW
ExitProcess
GetComputerNameW
GetCurrentDirectoryW
GetFileSize
GetModuleFileNameW
GetTempPathW
GetVersionExW
ReadFile
WriteFile
lstrlenW
lstrcmpW
SleepEx
VirtualAlloc

wininet

HttpOpenRequestW
HttpSendRequestW
InternetOpenW
InternetConnectW
InternetCloseHandle
InternetReadFile

shell32

ShellExecuteW

ntdll

RtlDecompressBuffer
swprintf

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ