4f676bad4c1d983f77f06b43896623e2

Sharing

Copy URL Twitter E-mail

General

Target

4f676bad4c1d983f77f06b43896623e2
Size

15KB
MD5

4f676bad4c1d983f77f06b43896623e2
SHA1

0cbea90561018c883e1664811b6afc7fd6f22ea9
SHA256

6ef2649e8b80884feb5dce1af533849979b22111e292ac19490a2414e1dbd194
SHA512

7387b7448dd1784eed485b422037c7b95d450682842e7403f5c6ab9b230766b018bb3a80a158409d241e014a319474303757436903b01c641fab4c319af2f12d
SSDEEP

192:nldhhzQcWga+db2MqJ/TRZv89URnHcvtOeaL9emyDaHv7urTOGnAEZ+AqwbGVU2O:hpmOVCRGiytEUzguXdAE9dbG+2SIo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f676bad4c1d983f77f06b43896623e2

Files

4f676bad4c1d983f77f06b43896623e2
.exe windows:4 windows x86 arch:x86

5783a284c65e2b4b7668c71e1ff3948f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCurrentThreadId
GetLastError
ExitProcess
WriteFile
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
FreeLibrary
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
SizeofResource
SetFileAttributesA
LockResource
LoadResource
GetEnvironmentVariableA
FreeResource
FindResourceA

advapi32

GetUserNameA

user32

MessageBoxA

shell32

ShellExecuteA

Sections

CODE
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 858B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

zzzzzxxs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5783a284c65e2b4b7668c71e1ff3948f

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

Sections

CODE Size: 9KB - Virtual size: 8KB

DATA Size: 512B - Virtual size: 164B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 858B

.tls Size: - Virtual size: 4B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 1024B - Virtual size: 560B

.rsrc Size: 2KB - Virtual size: 1KB

zzzzzxxs Size: 512B - Virtual size: 4KB

CODE
Size: 9KB - Virtual size: 8KB

DATA
Size: 512B - Virtual size: 164B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 858B

.tls
Size: - Virtual size: 4B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 1024B - Virtual size: 560B

.rsrc
Size: 2KB - Virtual size: 1KB

zzzzzxxs
Size: 512B - Virtual size: 4KB