4d711a3a2704894f68484916dc41d1af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d711a3a2704894f68484916dc41d1af
Size

9KB
MD5

4d711a3a2704894f68484916dc41d1af
SHA1

bae734479602d7693c31ce2b12a682af928e1958
SHA256

cd881f3cfe4ba31b00b17c46058a5f407837039bd0c2a3b0b25b53ad645da935
SHA512

e54b28aa8a0c758d5cd53d35951abb67420a00c7173d399a63d31b377f58d7cb76c90a24a94340c812e5f809302336ba88274a77663eb62cf77332f17e308652
SSDEEP

192:7hfCEIAKArjdDsI740e6xzJ8RNmY24NpY5csSBGf6N:lCE7/bemzKRUY20aJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d711a3a2704894f68484916dc41d1af

Files

4d711a3a2704894f68484916dc41d1af
.exe windows:4 windows x86 arch:x86

2a20f1a339c3536bccbaa4620c91aaae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BackupWrite
EnumSystemCodePagesW
ExitProcess
FindAtomW
GetCurrentDirectoryA
GetPrivateProfileStringA
GetShortPathNameA
GetThreadPriority
HeapValidate
LocalHandle
LocalUnlock
PeekConsoleInputA
SetConsoleTitleA
SetEnvironmentVariableA
WriteFileEx

advapi32

BuildTrusteeWithNameA
ConvertAccessToSecurityDescriptorA
CryptSignHashA
EnumServicesStatusA
EqualSid
GetNamedSecurityInfoA
GetSecurityDescriptorLength
MapGenericMask
QueryServiceLockStatusW
RegEnumKeyExW

user32

CharToOemBuffW
ChildWindowFromPointEx
CreatePopupMenu
DdeQueryNextServer
EditWndProc
GetClipboardViewer
GetKeyboardType
GetMenu
GetUserObjectInformationW
IsCharAlphaW
LoadBitmapW
RegisterClipboardFormatA
UnregisterDeviceNotification

shell32

ExtractVersionResource16W
RegenerateUserEnvironment
SHBrowseForFolder
SHGetFileInfo
SHQueryRecycleBinA
SheChangeDirW
SheRemoveQuotesW
ShellExecuteExA
ShellExecuteW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE