4e1c5e4fa79cb0679338d10b9b8baf9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e1c5e4fa79cb0679338d10b9b8baf9f
Size

58KB
MD5

4e1c5e4fa79cb0679338d10b9b8baf9f
SHA1

efdd1a5f33b0faff04ab706c10ce61b38a07b26d
SHA256

77e61b82c2779bb0e92f6d6f2826325dba725e18866000c3560707cc88a717bb
SHA512

c34e2f64bd8f3c6e6bccd824b796d504580b2bd110e463d4e19bb163a6dd7ba30ac03c4ca3a55af9cefdccb36af2656c94a0e32dcd2b2a97b278f2844bf4c6ab
SSDEEP

768:pW15FXWgXA3bY+MpSBMSmGbif9i6PM+3oCObma0+aDhlBbVNdoR/3IdudtpolhL:M150drY1cMT1FPRgbh0hDh7FSQlF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e1c5e4fa79cb0679338d10b9b8baf9f

Files

4e1c5e4fa79cb0679338d10b9b8baf9f
.exe windows:4 windows x86 arch:x86

317a88a19f3bfcb7eef755e6d739cfb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
VirtualProtectEx
LoadLibraryA
ExitProcess
GetLastError
OpenThread
GetThreadContext

user32

SendMessageA
IsChild

Exports

Exports

Kinfndjwug
ReadTvnrmndqfr

Sections

.text
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA2
Size: 3KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isec2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ