4ed28b6207560f127d267de639a4e1bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ed28b6207560f127d267de639a4e1bf
Size

31KB
MD5

4ed28b6207560f127d267de639a4e1bf
SHA1

b32b239a9c716baef5d668cbf8e6363b39867260
SHA256

86459ac2e8abbabf6e90dec451035c4572a09b390f39b471a9837460ede23406
SHA512

d6ef2a4d8c0777bc99c3fd80b3742d492c3a804ce672fc38beadb074367cd553409107a1f4c263c5519088697a028030254110c79e0f25efda1837e4417a955c
SSDEEP

768:XZNO6turB5RE4MpHbWk0L3DOKpuYrY9nXbc1:JklbEtbpS3D7pu0snQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ed28b6207560f127d267de639a4e1bf

Files

4ed28b6207560f127d267de639a4e1bf
.exe windows:4 windows x86 arch:x86

536c35e361b8b671498d1baf00bbbda5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
GetLastError
CreateMutexA

user32

MessageBoxA

Sections

.data
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ