4d4125cc9de44e61170cdec55205a92a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d4125cc9de44e61170cdec55205a92a
Size

6KB
MD5

4d4125cc9de44e61170cdec55205a92a
SHA1

b75287618433342cb8dd99e6a5ff89c9219c8372
SHA256

dca9edad0b6f5f81af35ee4ca4c9fafbe16bdf4b54f60aa607a621511aafa06a
SHA512

97797632198545070344b4d5ebc795bf0a54a9c906140d5d3a4f5100bd7f2f28825b7510cea1216cfccb83d4e5f0708309cc72c541179024290f6dbefdbb8141
SSDEEP

96:6fo/PO+m7h51TMT6qsJ77ahFmrcCgn17XHyHgSAKia5o/yCurHleDvlk/:6fo/eh51TMT9sJcCgxXHyHgS00o/ypTN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d4125cc9de44e61170cdec55205a92a

Files

4d4125cc9de44e61170cdec55205a92a
.exe windows:4 windows x86 arch:x86

088c50bc7e4b3b652940aebc6f90fd37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetModuleHandleA
OpenProcess
ExitProcess
Sleep
WinExec
CopyFileA
lstrcmpiA
GetModuleFileNameA
GetSystemDirectoryA
GetWindowsDirectoryA
ResumeThread
WriteProcessMemory
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CreateRemoteThread
CreateProcessA
CloseHandle
RtlUnwind

user32

FindWindowA
GetWindowThreadProcessId

advapi32

RegSetValueExA
RegCreateKeyExA

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ