4e94b7b3e5d6d76b8ff88d08cde1d380 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e94b7b3e5d6d76b8ff88d08cde1d380
Size

166KB
MD5

4e94b7b3e5d6d76b8ff88d08cde1d380
SHA1

d4c3455ac8db10becefa4dc37eea8a40fe6689a9
SHA256

d165d8e6e1eb510fe52a3134136691ed160dbb7fc459806cbb755d6cd093cbab
SHA512

09159c53efc298d23f42b913f286b3d4db9d7f35bb9215828fd418140526edb2e1bed28eeaaba1a6869b1daaee6f7c76a91ba2a59f578b8d371b047285fc63cd
SSDEEP

3072:E5x7cyq1FbQjQQkuZtM3MGFw94BkjxATgbSAufTY0s218zCP52BOL:Gx7cLzQDFiajaTMQrVsS1Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e94b7b3e5d6d76b8ff88d08cde1d380

Files

4e94b7b3e5d6d76b8ff88d08cde1d380
.exe windows:4 windows x86 arch:x86

55bfbea1ed31cd997ea38d1c9736de94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowA
FindWindowExA
PostMessageA
SendMessageA

kernel32

CloseHandle
CreateFileA
ExitProcess
GetLastError
GetTempPathA
LocalFree
Sleep
WriteFile
lstrcatA

shell32

ShellExecuteA

advapi32

RegCreateKeyA
RegSetValueExA

Sections

.text
Size: 160KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ