4ea40d9c3efb2137a09cdf30fea6e34c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ea40d9c3efb2137a09cdf30fea6e34c
Size

66KB
MD5

4ea40d9c3efb2137a09cdf30fea6e34c
SHA1

71d6a220f8b14211075c88c64c08cbee12224099
SHA256

02a4b4f2bfa92e16e0cfda9fe75a1431c097c2dc4c492aa7ad1f8156e2148316
SHA512

93730a1fe3e7ec81d50751204682cd862b9fde9e59819abdd5697a09a689d877c86a0da35a68ccb84d08847486f9024853cd3625d5d3b3d7dbe502d41501aa2d
SSDEEP

1536:LGamghD0fYgVepNq1gB2o/zdglGiOut20N0+Vh8y4b55NzN:ugaAgVsNf/zd2Gin209Vh8j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ea40d9c3efb2137a09cdf30fea6e34c

Files

4ea40d9c3efb2137a09cdf30fea6e34c
.exe windows:4 windows x86 arch:x86

d91e5e0a6687cfb8316d5409802659da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
SetTimer
RegisterClassExA
PostQuitMessage
KillTimer
GetMessageA
FindWindowA
DispatchMessageA
DefWindowProcA
CreateWindowExA
wsprintfA

kernel32

Process32Next
lstrcatA
lstrlenA
lstrcpynA
CloseHandle
CompareStringA
CreateFileA
CreateToolhelp32Snapshot
DeleteFileA
ExitProcess
GetCommandLineA
GetFileSize
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetSystemTime
GlobalAlloc
GlobalLock
OpenProcess
Process32First
WinExec
ReadFile
Sleep
TerminateProcess
lstrcmpiA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyA
RegDeleteValueA

wsock32

inet_ntoa
WSAStartup
gethostbyname

wininet

InternetCloseHandle
InternetGetConnectedState
InternetOpenA
InternetReadFile
InternetOpenUrlA

urlmon

URLDownloadToFileA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE