4d9c4b958ebe81541a28fd3822d0ae82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d9c4b958ebe81541a28fd3822d0ae82
Size

451KB
MD5

4d9c4b958ebe81541a28fd3822d0ae82
SHA1

f42478f4d0907e42612a2a2d09401b921307eaf6
SHA256

7e14d67a2fc12494b0a24a4654e072dc0ba42e145ca7e8332fd8caeed089d2eb
SHA512

d6ca9721e9ab6f02334085a8837f49d4522d9079946c48ed20aa322c048cd16c8783868bd3176e2830801243e7bdf806da75c984913cf2e930133f8b38b40d72
SSDEEP

6144:Co3vmyXKA6P196JHZLLDoqPeGn7tJBMOuwgz0wW07MpezITXcntdxa8Wg2rikW:Co3IA6r61doqPFuwJ0WXctXa80ri

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d9c4b958ebe81541a28fd3822d0ae82

Files

4d9c4b958ebe81541a28fd3822d0ae82
.exe windows:5 windows x86 arch:x86

467991ece555d2754413070a2fac3cc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
WaitForMultipleObjects
GetCommandLineW
lstrlenA
GetModuleFileNameA
CloseHandle
IsBadReadPtr
CancelIo
GetDriveTypeA
SetFileAttributesW
GetFileType
HeapFree
GetFileAttributesA
HeapCreate
FindVolumeClose
GetCommandLineA
EnterCriticalSection
ExitThread
GetModuleHandleA
LocalSize
GetCurrentDirectoryW
FindClose
MapViewOfFile
FindVolumeClose
WriteFile

uxtheme

DrawThemeEdge
GetThemeBool
GetThemeEnumValue
GetWindowTheme
CloseThemeData
IsThemeActive
OpenThemeData
CloseThemeData
GetThemeTextExtent
GetThemeColor
GetThemeTextMetrics
DrawThemeBackground
SetWindowTheme

dmocx

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE