4f010e5f4fb76fd7efa89d31fd750839 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f010e5f4fb76fd7efa89d31fd750839
Size

443KB
MD5

4f010e5f4fb76fd7efa89d31fd750839
SHA1

078806c6a527eba97f67e6a68b660bba56a7feb3
SHA256

181e4a3f4b166b3676f0565125b7e0e1205f4540ce07bbbd4196bcb3cb5526c1
SHA512

200a3a725e935403a0424a8cc6d26b2c49edefbebc4fcc1029d9048a0d480cc435af09d2b77d9fe0e209f871cce362294bf1cfacc0c0580233f6c321211221a1
SSDEEP

12288:S51O+Y4gOeI7jYgdslAEsggV9z03/sitsKSsmpVbouFbx:Rp4b9o3kitsrRPpF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f010e5f4fb76fd7efa89d31fd750839

Files

4f010e5f4fb76fd7efa89d31fd750839
.exe windows:4 windows x86 arch:x86

cfd817d29887f1101973acac423d487e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
QueryPerformanceCounter
GetModuleFileNameA
GetProcAddress
VirtualAlloc
HeapReAlloc
LoadLibraryA
VirtualQuery
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapAlloc
GetTickCount
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleA
GetConsoleCursorInfo
GetProfileIntA
ExitProcess
InterlockedExchange
RtlUnwind

gdi32

LineTo
SetBitmapBits
GetViewportExtEx
CreatePen
GetWindowExtEx
ExtSelectClipRgn
GetPixel
GetGlyphOutline
GetRasterizerCaps
GetTextMetricsW
SetTextColor
SetStretchBltMode
PlayMetaFileRecord
DPtoLP
CloseEnhMetaFile
EnumFontFamiliesW
CreateRoundRectRgn
CreateColorSpaceA
CreateBitmapIndirect
BeginPath
GetTextFaceA
GetTextExtentPointA
SetICMMode
RectVisible

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ