4a948fc3cce4b0258deb1f8f915b9455 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a948fc3cce4b0258deb1f8f915b9455
Size

391KB
MD5

4a948fc3cce4b0258deb1f8f915b9455
SHA1

4ef6cbea55323cddc9d1b46e558d65dc7986551e
SHA256

29effe6a47bba8a0a200b1996d2d6bb0cd421fb7984a7715578e5f9b9675fdc3
SHA512

52f31caeea04b32b42aa00fd75aa1cb3dac767d166e450e77f58b587e5a996c1fec65e2f43ec788e10bc2827a558ed708749c6c360934d5bbc1529d9d855907a
SSDEEP

12288:UzBRM9HEAJLjpFv6w2K/PkFtlVMHFWg1EOfoMzCc3Sa0n:yBRM9kAJLjpFvN/ytkjEOfoMWN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a948fc3cce4b0258deb1f8f915b9455

Files

4a948fc3cce4b0258deb1f8f915b9455
.exe windows:4 windows x86 arch:x86

716344e0882f24e0f0d145188346997f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
ReleaseMutex
ReleaseMutex
FindClose
GetPrivateProfileStringA
InitializeCriticalSection
LoadLibraryW
GetCurrentProcessId
LocalFree
lstrlenW
CreateEventW
FindAtomA
GetCurrentThreadId
HeapCreate
GetFileTime
GlobalFlags
TlsGetValue
GetDriveTypeA
IsBadStringPtrW
GetEnvironmentVariableW

user32

CreateWindowExA
DrawStateW
EndDialog
GetClassInfoA
CallWindowProcW
IsWindow
DispatchMessageA
GetKeyboardType
SetFocus
DrawTextA
GetClientRect
GetSysColor
GetSysColor

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

advapi32

InitializeSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ