4d8f94c1a1943077e3e1753eb42149cf | Triage

Sharing

General

Target

4d8f94c1a1943077e3e1753eb42149cf
Size

175KB
MD5

4d8f94c1a1943077e3e1753eb42149cf
SHA1

195f64ff2c3aed5c191ee7e5ff297cee820fb629
SHA256

67c466ad47627b4401fec65226ae8670ac545ee01ffa31b094dab5d73dc98607
SHA512

094505f05ba86b9e168d322b2bd2d890b0c1d9a0724297f801c53db546d76e36cafc41be9b11a812d40d6c2e365bd8840eb067792ed4d54aaf36550141f4a2fd
SSDEEP

3072:2m5QF7S/47z2oFQdbjtfyXnlNthYbVgM1RFsOzjcOGwBpPhvoiMMlv+Kzu/I5486:2meu/4fdFQVhyXbYF1RFQ/wfZMMNZaRr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d8f94c1a1943077e3e1753eb42149cf

Files

4d8f94c1a1943077e3e1753eb42149cf
.exe windows:4 windows x86 arch:x86

42b7181d38fb72e9d71ce78f5dfd8cfa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
mouse_event

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
FindFirstFileA

gdi32

GetDeviceCaps

advapi32

RegOpenKeyA

shell32

ShellExecuteExA

ws2_32

inet_ntoa

msvcrt

malloc

avicap32

capGetDriverDescriptionA

wininet

FtpPutFileA

Sections

.text
Size: 19KB - Virtual size: 732KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE