4d9ae12b11fc1d40fac172f3faa85027 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d9ae12b11fc1d40fac172f3faa85027
Size

50KB
MD5

4d9ae12b11fc1d40fac172f3faa85027
SHA1

242dfc776c77ed4fd5a7c4a9810de19fe4fb5309
SHA256

6dd9c89451947b84485759d0586e67282285093af22d8aff4e78a70068dfbac8
SHA512

b23d67741905691474ee1abceb721e94fe1bdc67421571cae3005b3030811bdb08b69a9e191a718e8b67ef64d250cd8ceaa3646104500490f57fd818fe1eb41a
SSDEEP

1536:S7cSfonbWL4VFvW7r5rAMt+npBxcuKOe:S7c3P7AlAMt+npBX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d9ae12b11fc1d40fac172f3faa85027

Files

4d9ae12b11fc1d40fac172f3faa85027
.exe windows:4 windows x86 arch:x86

02c027681001a7b3499ccd89f55c2001

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FatalAppExitW
GetConsoleTitleA
GetTempFileNameA
GetVersionExA
InterlockedDecrement
SetCommState
WaitForMultipleObjects
WriteConsoleW
lstrcatW

advapi32

AreAllAccessesGranted
CryptContextAddRef
CryptSetProviderExW
EnumDependentServicesW
GetSecurityDescriptorSacl
IsValidSecurityDescriptor
LookupPrivilegeNameW
RevertToSelf

user32

DialogBoxParamA
DrawTextExW
GetCaretBlinkTime
GetPropW
PostQuitMessage
SetWindowPos

gdi32

CreateCompatibleDC
CreateICW
CreatePatternBrush
CreateRectRgnIndirect
CreateSolidBrush
DeleteColorSpace
ExtEscape
GetBitmapBits
GetLogColorSpaceW
GetTextCharacterExtra
GetTextExtentPoint32A
OffsetViewportOrgEx
PolyBezierTo
SetColorSpace
SetWinMetaFileBits

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE