4ed2ccdb072e6afea14f752abe809495 | Triage

Sharing

General

Target

4ed2ccdb072e6afea14f752abe809495
Size

40KB
MD5

4ed2ccdb072e6afea14f752abe809495
SHA1

2680960dbec06502f04bf6e985b0b5cccc2f09a8
SHA256

15a448ee983135bfe94b1f3d4e13efc8c46c18d94bed129e2701514b7b3dedf0
SHA512

0088a85efdfd973da0d1e2a8f1293623dd3e1170810af8d5f0b75bece3f72d45e5b94130b6e6bc95b5ff5f9ff485533e67e19002b9ca20b1c3746580921b3ab6
SSDEEP

768:+qgX3JradlndZTgpWFu93CMlz+hNvsYAJl+ibb2DZ4P9h74C3IiRzM:705raHK93Llz+bvsYA3v7UiR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ed2ccdb072e6afea14f752abe809495

Files

4ed2ccdb072e6afea14f752abe809495
.exe windows:4 windows x86 arch:x86

595e3e7882201e6799bf16d34c9137c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetOverlappedResult
MapViewOfFileEx
OpenProfileUserMapping
ReadFileEx
SetLocaleInfoA
WriteConsoleOutputAttribute

advapi32

BuildImpersonateExplicitAccessWithNameA
GetExplicitEntriesFromAclW
GetNamedSecurityInfoA
GetNamedSecurityInfoExW
ObjectOpenAuditAlarmA
OpenEventLogW
RegSetValueW
RegisterServiceCtrlHandlerW
SetTokenInformation

user32

DdeQueryConvInfo
DispatchMessageA
ExcludeUpdateRgn
GetKeyNameTextW
GetMenuStringA
GetScrollBarInfo
IMPSetIMEW
PackDDElParam
RemovePropA
SetMenuDefaultItem
SetMessageExtraInfo
UpdateWindow
wvsprintfA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE