4f793fd418002a3cc204f42e1d043ea2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f793fd418002a3cc204f42e1d043ea2
Size

636KB
MD5

4f793fd418002a3cc204f42e1d043ea2
SHA1

6a0b3ab94bddc6ace8bf0bc56c64b6e504299ba8
SHA256

3ff4565aad0c0588df3bcd0c856eedfe7c3cf58506d0283e3312d6af811e82d5
SHA512

9e1b1c1066cd33dd6fbe423245dbae264a96dc4ee8c98b121365ee695030f5bf08a7055b3709766ad0beaa97f3d9598fd49bc325e042f82a067efe0bb2f6879a
SSDEEP

12288:TkxkB3WHQjD4JIVhFpDT0o63+wiaAslHUX5DeBEhpe6VGb5+cSABkz6:TRUwD4JSFpJ6OwiaXHUqEhQDbETABk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f793fd418002a3cc204f42e1d043ea2

Files

4f793fd418002a3cc204f42e1d043ea2
.exe windows:4 windows x86 arch:x86

a2f203e75ef570f58cf3854663dec734

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetCommandLineA
GetModuleHandleA
SetConsoleCP
GlobalUnlock
LoadLibraryExA
HeapCreate
CompareFileTime
WaitForMultipleObjects
VirtualProtect
GetConsoleCP
InterlockedExchange
WaitForSingleObject
SuspendThread
GetVersion
GetSystemDefaultLangID
CloseHandle
GetStdHandle
GetAtomNameA
HeapReAlloc
lstrlenA

user32

InvertRect
DragObject
SetWindowPos
GetDlgItem
CreateMenu
GetCursorInfo
DrawCaption
EnableScrollBar
DispatchMessageA
IsDialogMessage
SetScrollInfo
CreateCursor
CreateIcon
FindWindowA
InsertMenuA
CopyImage
DestroyMenu
GetKeyState
FillRect
GetKeyboardLayout
SetPropA
DialogBoxParamA

advapi32

RegCloseKey
RegEnumKeyA
RegEnumValueA
RegCreateKeyExA
RegQueryInfoKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ