4da359f997cf32e4c28cc9c23f1c9af6 | Triage

Sharing

General

Target

4da359f997cf32e4c28cc9c23f1c9af6
Size

56KB
MD5

4da359f997cf32e4c28cc9c23f1c9af6
SHA1

5f54bd9af08b7080239d12129758866829289fbb
SHA256

dfd47ada07a26015f502fa8aade7164abc29a5a9df0b2880545b61ef02f1fbb2
SHA512

1a7fa0db112cf099c8ca81f31451709028cb21d8da7c41fe755c2afd2a68795f140240b2c361032d35fa9897cb33abba8ebed6905771a3304762761add046f1d
SSDEEP

768:gANEDaQWFFxdM0NwV10Vd0NH+6MLJVEvnrOggjbnmjsYFSDrRRaqXpqEhcCq:r2aBi0NwVU24YnCgQKjsYir/r8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4da359f997cf32e4c28cc9c23f1c9af6

Files

4da359f997cf32e4c28cc9c23f1c9af6
.exe windows:4 windows x86 arch:x86

d7505c59369e034df7a5965f05b69b84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetConsoleTitleA
GetLogicalDriveStringsA
GetLongPathNameW
GetProfileSectionA
GetTempFileNameW
GetVolumeInformationA
HeapCreate
InterlockedDecrement
IsBadCodePtr
LoadLibraryW
VirtualFree
WriteConsoleA

advapi32

BuildExplicitAccessWithNameA
BuildSecurityDescriptorA
ConvertAccessToSecurityDescriptorW
CryptVerifySignatureW
EnumDependentServicesW
GetFileSecurityA
GetNamedSecurityInfoA
GetSecurityDescriptorLength
LookupAccountSidW
RegConnectRegistryA
RegQueryMultipleValuesA
StartServiceCtrlDispatcherW
TrusteeAccessToObjectW

user32

DdeSetQualityOfService
GetActiveWindow
IsCharAlphaA
IsIconic
ScrollWindowEx
SetMenuItemInfoW
WinHelpW

shell32

DllGetClassObject
DoEnvironmentSubstA
OpenAs_RunDLLW
RealShellExecuteW
SHAddToRecentDocs
SHGetFileInfoA
SHGetSpecialFolderPathW
SHInvokePrinterCommandA
SheFullPathA
Shell_NotifyIconA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE