4f6779d62d854f5f52349cc146770406 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f6779d62d854f5f52349cc146770406
Size

189KB
MD5

4f6779d62d854f5f52349cc146770406
SHA1

e89da8be847cc7ec5b4c0ec10aa3cc89c16051d1
SHA256

17a7c5dd7bbba30147b21cbc1c3dd270666b7b333fabc4cabe26f13acd4ddc01
SHA512

a374ae2f92e11eb6e653960b2b80777af5bd14a1e6efb8e542247d38e2e108d9490c67c623e0082c3ea8fb0bee4b5e21d3f7b70de55952e75bdbca80ec7393c3
SSDEEP

3072:Fda3TQpVNxb7DTmJ7yQovttDYmeteLIsURuIKtt3x8fEjEdQfYz0k2pxAm:FdkT4NZfHCmgaURuIE22EWfAkxB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f6779d62d854f5f52349cc146770406

Files

4f6779d62d854f5f52349cc146770406
.exe windows:4 windows x86 arch:x86

5bfab9d9a492f37a1ebb3ee10c805626

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceA
WideCharToMultiByte
UnhandledExceptionFilter
GetFullPathNameA
GetAtomNameA
LCMapStringA
IsBadCodePtr
SetStdHandle
FreeEnvironmentStringsA
IsBadReadPtr
GetCPInfo
CreateFileA
EnumResourceNamesA
FlushFileBuffers
FindFirstFileA
GetOEMCP
GetFileAttributesA
GetEnvironmentStringsW
FreeLibrary
FreeEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeA
WriteFile
LoadLibraryExW
VirtualProtect
LCMapStringW
SetUnhandledExceptionFilter
GetThreadLocale
ReadFile
SetFilePointer
MulDiv

shlwapi

DllGetVersion
PathIsFileSpecA
SHCreateStreamOnFileEx
PathIsContentTypeA
PathAppendA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 99KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ