4ef0992c16e9846232e371f01edd40fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ef0992c16e9846232e371f01edd40fe
Size

12KB
MD5

4ef0992c16e9846232e371f01edd40fe
SHA1

d84b7906e4f5212884d9804da22a217dbc421d39
SHA256

b810386c910d4a355a4cc8ad879aa56e09b1bcd35365305a9851c6a17b58bab4
SHA512

d4813ae4f30053b59934622e97d11c6d6359c6e9da0d81d5a666da279f3281c52660b55abf6cfe65759c744e4f8f84b4bcdbea34729e0ad14002f054522392b7
SSDEEP

96:pRgJLy7/8KDqBXcrQdrqtr68OtJOfRoo4xvmlHYhW4QKUBH5y/V+s9U6eM:ph78KW5RO1zpoodlHY+RBHQ/VTU6eM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ef0992c16e9846232e371f01edd40fe

Files

4ef0992c16e9846232e371f01edd40fe
.exe windows:4 windows x86 arch:x86

196201ff817df883e2f40c1501327664

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

wnsprintfA
StrStrIA

ws2_32

WSACleanup
WSAStartup

kernel32

Sleep
GetTickCount
lstrcpyA
lstrlenA
GetLastError
CloseHandle
lstrcpynA
DeviceIoControl
CreateFileA
WriteFile
SetErrorMode
GetLogicalDrives
GetDriveTypeA
ExitProcess
InterlockedExchange
GetProcessHeap
IsBadReadPtr
IsBadWritePtr
InterlockedDecrement
HeapFree
CreateMutexA
OpenMutexA
SetFileAttributesA
HeapAlloc
GetFileInformationByHandle

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE