4e9d0f9d9100bcc031357ee658d69536 | Triage

Sharing

General

Target

4e9d0f9d9100bcc031357ee658d69536
Size

18KB
MD5

4e9d0f9d9100bcc031357ee658d69536
SHA1

5feaf674d2fb0938b35326c8f101308f3340bc87
SHA256

8d8b9c54dde776ed558d19f75a7546e6670c60222d90eb3da52e5abc46176064
SHA512

1f3c34de57fcf681eca23e4b38e962de1b51908a75744d1b027eaf17989d46434e4e27c91e27fa3b19868813dfddc8acf843f08606e377a7372d741505c283bc
SSDEEP

384:ri+SOmW6G7sUzDUhEQXyRjJSmFwZDRIKv:ec7Lf2lyRYTeKv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e9d0f9d9100bcc031357ee658d69536

Files

4e9d0f9d9100bcc031357ee658d69536
.exe windows:4 windows x86 arch:x86

b26a1f260e2b7e32b50bf0694c609d65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
VirtualProtect
HeapCreate
GetStdHandle
GetEnvironmentStringsA
GetModuleHandleA
DeleteAtom
GetCurrentThread
IsDebuggerPresent
GetCurrentProcessId
GetThreadPriority
GetACP
WriteConsoleA
InterlockedExchange
HeapDestroy
GetExpandedNameA
LoadLibraryA
GetTimeFormatA
OpenSemaphoreA
FormatMessageA
FlushFileBuffers

user32

EndPaint
GetFocus
IsIconic
ShowWindow
SetForegroundWindow
FillRect
GetCursorPos
GetWindowTextLengthA
GetDlgItem
ReleaseDC
FrameRect
GetClassNameA
ValidateRgn
DrawTextA
BeginPaint
wsprintfA
SetActiveWindow
GetParent
GetWindow

linkinfo

IsValidLinkInfo
DestroyLinkInfo
ResolveLinkInfoA
GetLinkInfoData
GetCanonicalPathInfoA

uxtheme

GetThemeSysFont

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ