4a9e00d5ce0ab129a9d93cae4132c017 | Triage

Sharing

General

Target

4a9e00d5ce0ab129a9d93cae4132c017
Size

46KB
MD5

4a9e00d5ce0ab129a9d93cae4132c017
SHA1

1b17a3ab7eadb9aa55df2365433c84fc8a6cc9b3
SHA256

9ac91ceb7675f07dfbc90130fd73e7210ddf598fb74c30a879cf32506855c312
SHA512

e9306d0ccd5efb4a687426af16cb7a97f33205623fbcb5338ad7d2d0811cb7474450fa026ca16518e3f5e46d4cf55c5090154dd88ca3c0869a2ca3bc827e2184
SSDEEP

768:PHrWYzwyQkfhL4srp+KZprr61/7DeUzJLjvJNUoEs4S6:fCYsDWhL40USrG1GUzJLjvJNq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a9e00d5ce0ab129a9d93cae4132c017

Files

4a9e00d5ce0ab129a9d93cae4132c017
.exe windows:4 windows x86 arch:x86

d462694bd082cc9c8a155ef70e182588

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

esent

JetCloseFile

uxtheme

GetThemeInt

wtsapi32

WTSFreeMemory

shimeng

SE_DllLoaded

user32

SetFocus

Sections

.MPRESS1
Size: 19KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE