Static task: static1
Behavioral task: behavioral1
Sample: 4cf03a1a19f184beea5c485a56120b7a.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 4cf03a1a19f184beea5c485a56120b7a.exe
Resource: win10v2004-20231222-en
General
Target: 4cf03a1a19f184beea5c485a56120b7a
Size: 13KB
MD5: 4cf03a1a19f184beea5c485a56120b7a
SHA1: dbdce69b144f9b978f1203a719c1e492c99ad34e
SHA256: 8f7e0834ed1c37b53f7ca75eb89ec6b79424f1084878810744678f6d948d10a7
SHA512: 0d7f11edad004b7894f969f0455f394e615f680a2b6a1dfee482afa545983032a86e07b2642b4a6f0a32ffa698dd13b60db14f93b7f705665306e3a2e36ff401
SSDEEP: 384:S/48omRXW7gK1OPVarEO/5lZIvZFdmc5yN8wxv:eomRX6ggOPVawO/5lZoIcYNR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4cf03a1a19f184beea5c485a56120b7a
Files
4cf03a1a19f184beea5c485a56120b7a.exe windows:4 windows x86 arch:x86
df0de6b2e6872961ca548d764de09b46
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WinExec
lstrcatA
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
CopyFileA
MoveFileA
DeleteFileA
SetFileAttributesA
CloseHandle
CreateThread
FindFirstFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
GlobalUnlock
GlobalLock
GlobalAlloc
ExitProcess
FormatMessageA
GetLastError
lstrcpyA
lstrlenA
lstrcpynA
FindNextFileA
lstrcmpA
user32
FindWindowExA
FindWindowA
GetClipboardData
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetDesktopWindow
SendMessageA
ExitWindowsEx
BlockInput
SetCursorPos
MessageBoxA
ShowWindow
advapi32
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ws2_32
accept
listen
bind
send
socket
WSAStartup
recv
closesocket
htons
WSACleanup
wininet
InternetGetConnectedState
urlmon
URLDownloadToFileA
winmm
mciSendStringA
Sections
.data Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE