4e457fd92015b981345a59ef07e604e1 | Triage

Sharing

General

Target

4e457fd92015b981345a59ef07e604e1
Size

65KB
MD5

4e457fd92015b981345a59ef07e604e1
SHA1

81e00090dac64e1d3cda0c1db451c407142c5549
SHA256

755fb9355ba757cd093676f6c8975a5032cfa14d23c9624ec14f7e8d999cd2fd
SHA512

b1ae417859bf6409c6cb1c8ac969dd780d75432811c84e31dff26f745c579e51b11bfc6454dd979be6b302df79bdb8da6413dcbfd867ce186c902f7c4a3b8407
SSDEEP

1536:MT6KcYnp0CobGVulUaOl3iVwkGF/LInG0H4Mmbeh/7aHg82S7gVZ7L:eWcZiVvGN0GvLbeB5r5V9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e457fd92015b981345a59ef07e604e1

Files

4e457fd92015b981345a59ef07e604e1
.exe windows:4 windows x86 arch:x86

8bf95ce3190123e2bb3b350399987ba9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetGeoInfoW
SetMessageWaitingIndicator
GetPrivateProfileStructW
GetSystemTimeAdjustment
SetCurrentDirectoryW
HeapExtend
GetProcAddress
GetPrivateProfileSectionW
BeginUpdateResourceA
Sleep
SetVolumeLabelA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE