4b5366bac7957b97cac2a3efeef2804e | Triage

Sharing

General

Target

4b5366bac7957b97cac2a3efeef2804e
Size

452KB
MD5

4b5366bac7957b97cac2a3efeef2804e
SHA1

4474d531bb155e1842b1ae6f8c471cf8b6c1ea1c
SHA256

5be3f7d6931a82d6623648f8d98fd51050dbaa210aad6bc187b8aa394c3dfcb5
SHA512

9c74dc56a4d764787df7447fbc9b54c63e72183621222fdcb29015322b51ca64e6cda1dfe93d39056b7ab9bc376c041e941ee0fb26cb607e246276db9b9d51b1
SSDEEP

12288:de6KRlnwiSm+xHSD71QKK1MieKbSUsJfclZwn+hRl1U6y0Qhf:d3KpSKD71E1MieKDZg+hjyFhf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b5366bac7957b97cac2a3efeef2804e

Files

4b5366bac7957b97cac2a3efeef2804e
.exe windows:5 windows x86 arch:x86

743cd21b0a86ad4065de6cce70990b8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
GetProcessHeap
GetModuleFileNameA
CreateDirectoryA
WriteFile
SetEndOfFile
GetModuleHandleA
HeapFree
IsBadWritePtr
DeleteAtom
FindClose
GetDriveTypeW
RemoveDirectoryA
CreatePipe
ExitThread
ClearCommBreak
SetVolumeLabelA
WaitForMultipleObjects
HeapCreate
AddAtomA
GetCommandLineA
GetFileType
RemoveDirectoryA
FindAtomA
CloseHandle

clbcatq

CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup

msvidc32

DriverProc
DriverProc
DriverProc
DriverProc

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE