Static task: static1
Behavioral task: behavioral1
Sample: 4abbc0961a40d7791f53f052b0dd715d.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 4abbc0961a40d7791f53f052b0dd715d.exe
Resource: win10v2004-20231222-en
General
Target: 4abbc0961a40d7791f53f052b0dd715d
Size: 6KB
MD5: 4abbc0961a40d7791f53f052b0dd715d
SHA1: a11df3cc0bde36571e8d3dd228b93523d0c0e58f
SHA256: 088e0a7a6f97d0cb8c038d42e62de5dc924960a28322319246c239e3d0fef41e
SHA512: 15db0778eb7d8ed8f1a6624999e46b5202dd5b9b731b6f56a3b0e47fe07999fb0eb87c893a9c585c1aaa46fcb057421d3fbae3ef9d1865b80706559facd0e15a
SSDEEP: 48:i5pVuLHZQ5sVh3Z5+MN/oBhuQz2X2Qzd1WiIZzOGTC41kOGTC1eglSSYLBUrdc2+:MbuLHf3Z5jt9ZdM3zOGkOG6jYLuUD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4abbc0961a40d7791f53f052b0dd715d
Files
4abbc0961a40d7791f53f052b0dd715d.exe windows:4 windows x86 arch:x86
6178a5e82d1748700f922775c20635dc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFileAttributesW
FindClose
GetModuleHandleW
lstrcatA
GetSystemDirectoryA
WideCharToMultiByte
CreateEventA
lstrcpyW
GetCurrentProcessId
CompareStringA
WaitForSingleObject
lstrcatW
CloseHandle
ExitProcess
GetModuleHandleA
GetCommandLineA
SetEvent
CreateThread
ExitThread
CreateProcessA
Process32Next
Process32First
CreateToolhelp32Snapshot
user32
PeekMessageW
wsprintfA
DestroyWindow
CloseWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
CreateWindowExA
advapi32
RegCloseKey
RegOpenKeyExW
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE