4bb6d2aa5fcf77d1308e587560054d65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bb6d2aa5fcf77d1308e587560054d65
Size

62KB
MD5

4bb6d2aa5fcf77d1308e587560054d65
SHA1

774a67ee7070e0ea0a05bb8896432ebc2a3dc49a
SHA256

77fedc1daddcda8dbadb74baa990048ae88ab178e74b53d5dc4907f7fef0d7e2
SHA512

395ba8457fe6d5944f46ea93fcdecadb0ecfb01fd57b050cdcb0e230ab25291a2b441b21790cdf2033c50850869d98b48e202d5006d1f9e65d9b9a4afa71424d
SSDEEP

1536:cBEaM8CJzYwJZDf+pjKeFYEMVVFmwNIu38hB0:cyXzh+weCVDFmwKhm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bb6d2aa5fcf77d1308e587560054d65

Files

4bb6d2aa5fcf77d1308e587560054d65
.exe windows:4 windows x86 arch:x86

fea1c71c210fd002a5b6aefbd4c83e7c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

wnsprintfA
wvnsprintfA
PathCombineW
wvnsprintfW
wnsprintfW
PathFindFileNameW
SHDeleteKeyA
StrCmpNIA
PathMatchSpecW
StrStrW
PathFileExistsW

kernel32

GetFileTime
ResetEvent
GetFileSizeEx
GetFileAttributesW
HeapReAlloc
GetModuleHandleA
VirtualAlloc
VirtualProtect
lstrcpynW
FindClose
HeapAlloc
GetProcAddress
OpenMutexW
WideCharToMultiByte
GetFileAttributesA
lstrcmpiW

user32

GetClipboardData
LoadCursorA
FindWindowExA
GetKeyboardState
SetProcessWindowStation
GetWindowTextA
SetThreadDesktop
CloseDesktop
GetDlgItem
GetMessageA
SendMessageA
CloseWindowStation
DispatchMessageA
DrawIcon
PeekMessageA
OpenWindowStationA
GetIconInfo
GetClassNameA
GetKeyState

advapi32

CryptCreateHash
CryptDestroyHash
RegCreateKeyExA
DuplicateTokenEx
GetUserNameW
CryptAcquireContextW
RegEnumKeyExA
CryptGetHashParam
RegSetValueExA
RegDeleteValueA
CryptHashData

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE