4e7c28ca4643a13308e3f122ee407407

General

Target

4e7c28ca4643a13308e3f122ee407407
Size

189KB
MD5

4e7c28ca4643a13308e3f122ee407407
SHA1

e02788288575715d86e67cfb122b064d68301e4d
SHA256

96eddc4cc64c6dcf08cefd508bbef58069421ecd8a2e5b4858c4cdadbcb8e4b1
SHA512

35f8f87ad704042c1b612616a74dff852f36c0ebda9967ffc27f26e14fc9e2a9cf42c27d9542585e22f469f3dcbbfbbd3107acfbecf407b2d62604d5ea636d3c
SSDEEP

3072:kuCZTgNT4evftEkoFyNsFc9BXx6G+5V+Q2WaV/mBt10Ntiprh2jKCavLWVMk/tZc:kujT4I2kzN79Hm2Wk+1v4K/qak/L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e7c28ca4643a13308e3f122ee407407

Files

4e7c28ca4643a13308e3f122ee407407
.exe windows:4 windows x86 arch:x86

0bef4147cbf09d5cef774f730519e3cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

EnterCriticalSection
lstrlenA
InterlockedDecrement
FlushInstructionCache
HeapSetInformation
FindAtomA
LocalAlloc
GetCurrentThreadId
WaitForSingleObject
GetTickCount
TlsAlloc
TlsFree
GlobalHandle
InterlockedIncrement
GetCurrentProcess
GetOEMCP
GetComputerNameW
CloseHandle
InitializeCriticalSection
GlobalUnlock
lstrcmpW
MultiByteToWideChar
InterlockedExchange
CreateFileW
TlsSetValue
EnumResourceNamesA
GlobalFree
DeleteCriticalSection
FormatMessageW
LeaveCriticalSection
GetStringTypeA
TlsGetValue
GetLocaleInfoW
SetUnhandledExceptionFilter
RaiseException
GlobalAlloc
SetLastError
lstrlenW
SetLastError
GlobalLock
MulDiv
WideCharToMultiByte

shlwapi

StrRetToStrA
SHCreateStreamOnFileEx
PathAppendA
PathIsFileSpecA
PathIsContentTypeA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 98KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bef4147cbf09d5cef774f730519e3cf

Headers

File Characteristics

Imports

kernel32

shlwapi

rpcrt4

Sections

.text Size: 98KB - Virtual size: 238KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 87KB - Virtual size: 87KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 98KB - Virtual size: 238KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 87KB - Virtual size: 87KB

.rsrc
Size: 512B - Virtual size: 4KB