Static task: static1
Behavioral task: behavioral1
Sample: 4e1dbfc0c5ae7fa11fe8bf9f22d813bf.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 4e1dbfc0c5ae7fa11fe8bf9f22d813bf.exe
Resource: win10v2004-20231215-en
General
Target: 4e1dbfc0c5ae7fa11fe8bf9f22d813bf
Size: 347KB
MD5: 4e1dbfc0c5ae7fa11fe8bf9f22d813bf
SHA1: 2a6b7a57a7f64579c24d9394ef4b1ca89c16cae8
SHA256: 75e9291cad372e38f4a6134765b4eeae3c14346c789e452080be4626eced57ab
SHA512: f31a46ad2bc3ae406ec56849bf19996b0e0e002b0e61d83832bc5d1edf65c10fcf4627d5f263b5112aca84ba95dd872e8c0509a4e963ffd3de4b0482913774b6
SSDEEP: 6144:C1b+qTnasXeBCCaVMu2pRbYOWVh5syQ7K82b22VhZlfdWS7wWjJXh/:GVTayeUV2ppYfVh5+2b2EN88
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4e1dbfc0c5ae7fa11fe8bf9f22d813bf
Files
4e1dbfc0c5ae7fa11fe8bf9f22d813bf.exe windows:4 windows x86 arch:x86
e32261c61dee82b82245afda46dd3651
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathRemoveExtensionA
PathFindExtensionA
StrChrA
kernel32
GetExitCodeProcess
CreateThread
ExitProcess
FindResourceA
CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
WaitForSingleObject
CreateProcessA
lstrlenA
GetCommandLineA
lstrcatA
lstrcpyA
user32
wsprintfA
LoadStringA
Sections
.text Size: 1024B - Virtual size: 904B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 891B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 344KB - Virtual size: 343KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ