4d9203c214610d26485cc9347d10cb27 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d9203c214610d26485cc9347d10cb27
Size

638KB
MD5

4d9203c214610d26485cc9347d10cb27
SHA1

536d174beda5c4570a114d1173b88f3a52e82bbc
SHA256

7a29dd6ba6219b3539808251e6ae7ba83400359b90aae89d91a022c4219df3ad
SHA512

1e56778cf70f71b6b3046c0e45901c02ad28b7718b9842a42ace97a1ef0e9446d90d8e5e1b565f7e6f6b2dd8855018394a1663d5600d07a3076f5a7e0df31869
SSDEEP

12288:ggA+k6FrHtj1mzhTBGST08aQMh0+LoaccKU53N4cm9A08/w:pA+ky1mzh8g5arh0+0n44cm9pp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d9203c214610d26485cc9347d10cb27

Files

4d9203c214610d26485cc9347d10cb27
.exe windows:4 windows x86 arch:x86

4e68be238224ed07a3eec8386cc6691c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
TlsGetValue
InterlockedExchange
GetACP
GetVersion
HeapWalk
LoadLibraryA
lstrlenA
GetProfileIntA
GlobalUnlock
GetTickCount
GetAtomNameA
VirtualProtect
CompareFileTime
WaitForSingleObject
CloseHandle
GetModuleHandleA
GetConsoleCP
GetStdHandle
HeapReAlloc
FindAtomA

user32

ModifyMenuA
CopyRect
DialogBoxParamA
GetMenuStringA
LoadIconA
MessageBoxA
InflateRect
EnableScrollBar
DestroyMenu
SetWindowPos
EqualRect
DispatchMessageA
SubtractRect
CreateCaret
GetScrollRange
GetKeyboardLayout
GetWindowTextA
ShowWindow
GetDlgItem
GetMenu
PostMessageA
InsertMenuA
UpdateWindow
TranslateMessage
PaintDesktop
SetPropA

msi

MsiGetMode
MsiEnumProductsA
MsiDoActionA
MsiCloseHandle
MsiEnumClientsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ