4dc1aadb295b57ad5b2d9d343b3523bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4dc1aadb295b57ad5b2d9d343b3523bf
Size

9KB
MD5

4dc1aadb295b57ad5b2d9d343b3523bf
SHA1

4beac8612d2080b894152fa65fe4149f26d2dc40
SHA256

61ba9cc5af4a55993a4adc619eef4779d57d8074a65b0adef6e13c8f7d9ba8bd
SHA512

8d0c3ac4344cd20f6f6f216caed4b0b6f686a7b7861185e9354a992a9b9bbf6fab851b82cb0277bc87f44b44704d0fae7aeab8e0ebdb0868ccbd0c8f2be6a2f6
SSDEEP

192:MPNIkv/0twa514SBg4YugUPgWU/sZpelQX5gffz:AXn0tSSBHMWWsMQX5gf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dc1aadb295b57ad5b2d9d343b3523bf

Files

4dc1aadb295b57ad5b2d9d343b3523bf
.exe windows:5 windows x86 arch:x86

68ede72a8963df8c2a6e39163f8fb16b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy
memset
strcpy
strncpy
strcat
RtlUnwind

kernel32

Sleep
HeapFree
ExitProcess
HeapAlloc
GetEnvironmentVariableA
GetTempPathA
GetModuleHandleA
GetTickCount
OpenEventA
CloseHandle
WriteFile

user32

FindWindowA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ