4e3a445a4e6c0114091c0b8f01d6912c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e3a445a4e6c0114091c0b8f01d6912c
Size

42KB
MD5

4e3a445a4e6c0114091c0b8f01d6912c
SHA1

c916d75b0f7880ed8bc91d204d80fce5d26ea9cd
SHA256

016fdfc1334f5e62df14ec44aa7caa6e877a515241c9873088194ed90ba4d977
SHA512

a7c998d87a0acb955762444c4557884ff2f73ed382a379d465efbfd3f4a9d8e5715d7e0045c7d127dd6d1263f2065ec0df30960d5f0c017ab2515c02dde16c2c
SSDEEP

768:mIhEUK9LprEBNMaCmQDLLIaZYRM/l4DXp1psG08oo04dDk7zsFo1:XhE3ErMaNGXFYGWNsG0864dw7zsm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e3a445a4e6c0114091c0b8f01d6912c

Files

4e3a445a4e6c0114091c0b8f01d6912c
.exe windows:5 windows x86 arch:x86

aef44dc99bfdd5d231915f4352446ce7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetActiveWindow

advapi32

RegOpenKeyW

ole32

CoInitialize

shell32

ShellExecuteW

oleaut32

GetErrorInfo

shlwapi

StrCmpW

urlmon

URLDownloadToFileW

Sections

.text
Size: 36KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE