Static task: static1
Behavioral task: behavioral1
Sample: 4ee63405e87517225b7a8794a85b338e.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 4ee63405e87517225b7a8794a85b338e.exe
Resource: win10v2004-20231222-en
General
Target: 4ee63405e87517225b7a8794a85b338e
Size: 146KB
MD5: 4ee63405e87517225b7a8794a85b338e
SHA1: 88a0eb36f684b2bb66283ed8a005ceac764252ab
SHA256: bd2a64f7b21b34f25b85536f4cbe06bedacc78e76bb9738e258c0e80a2580f19
SHA512: 05d0b5bfbfd0e59d09f0844a4c9bc0f3b43f1045edff2826630def52df7ad420aa14e78f8113ef601391a9e5ccd1d5eceff459d705b98ddbe59e0af20e2d0690
SSDEEP: 3072:5ec7kNjXIYiVl1+48R3DfPgrW4aORuh5WhD40un:5SdkzqDfPgrtRQWd4t
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 4ee63405e87517225b7a8794a85b338e
Files
4ee63405e87517225b7a8794a85b338e.exe windows:4 windows x86 arch:x86
ce8092a3c49aae5156bf883798ef2e63
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
CreateEventA
DeleteCriticalSection
FreeLibrary
GetCurrentProcessId
GetLastError
GetModuleHandleA
GetProcessHeap
GetSystemTimeAsFileTime
GetVersionExA
InterlockedDecrement
LocalAlloc
ReadFile
UnhandledExceptionFilter
Sections
.text Size: 135KB - Virtual size: 135KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 438B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 612B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ