4e4e378298bd19ef45be985897ca0dd3[.]exe

General

Target

4e4e378298bd19ef45be985897ca0dd3.exe
Size

284KB
MD5

4e4e378298bd19ef45be985897ca0dd3
SHA1

c78622d4812fd918b923e10e84f51b11253fcf04
SHA256

aa49cc0917ba7bbdf77e355523db5e4b8657c106ed3541070554f6ecb79c5c85
SHA512

ece9c8a2289a10474c595b78c2956e25f9f384a4fd05c53563b4b45924060236ecaad54537f57eded40710e39ca5cc69577a832f5d4509152062c53acdbed560
SSDEEP

6144:Lsa1WwCyFA1ftIr7qTkcKAS6+Bq5FbFiqHKe+W5/9pT2p:F1W1iA1ftIawn/6+B0rv/nW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e4e378298bd19ef45be985897ca0dd3.exe

Files

4e4e378298bd19ef45be985897ca0dd3.exe
.exe windows:4 windows x86 arch:x86

50e31eba665d663dff6a2b48e74cefc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GlobalFindAtomW
LocalAlloc
SetLastError
HeapSetInformation
EnterCriticalSection
GetComputerNameW
TlsAlloc
InterlockedDecrement
FormatMessageW
InterlockedExchange
FlushInstructionCache
TlsGetValue
CreateFileW
GetCurrentProcess
InitializeCriticalSection
DeleteCriticalSection
GlobalLock
GlobalAlloc
EnumResourceNamesA
lstrlenA
LeaveCriticalSection
SetLastError
GetLocaleInfoW
GlobalFree
MultiByteToWideChar
InterlockedIncrement
RaiseException
MulDiv
CloseHandle
GetStringTypeA
TlsSetValue
GlobalUnlock
GetOEMCP
lstrcmpW
TlsFree
GetTickCount
GlobalHandle
GetCurrentThreadId
WaitForSingleObject
SetUnhandledExceptionFilter
lstrlenW
WideCharToMultiByte

shlwapi

StrRetToStrA
PathAppendA
PathIsContentTypeA
PathIsFileSpecA
SHCreateStreamOnFileEx
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 140KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50e31eba665d663dff6a2b48e74cefc0

Headers

File Characteristics

Imports

kernel32

shlwapi

rpcrt4

Sections

.text Size: 140KB - Virtual size: 272KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 141KB - Virtual size: 140KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 140KB - Virtual size: 272KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 141KB - Virtual size: 140KB

.rsrc
Size: 512B - Virtual size: 4KB