Static task
static1
Behavioral task
behavioral1
Sample
4f720900cbf0d5762d719a85c14cf310.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
4f720900cbf0d5762d719a85c14cf310.exe
Resource
win10v2004-20231222-en
General
Target: 4f720900cbf0d5762d719a85c14cf310
Size: 880KB
MD5: 4f720900cbf0d5762d719a85c14cf310
SHA1: 8f7b9ffb277b0795ad7046a18b012a7bc3ceb498
SHA256: 51e8f9e93ab5b6e34280b83e0506480bc8345acf41d80a74830012bd91fcef76
SHA512: 36496cbdda5efe5095b2a07f6f103a2fec317c0009e57c90bf93f2d48fbb2f400d363b73901afc56970352d5e053d0ff1315b36dc59ef1b0a434265457f26e7b
SSDEEP: 24576:g54HKnb+C9LG40V7cHIHdH6KS1rolm51:gyHKbL9LGrVIHMaNt9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4f720900cbf0d5762d719a85c14cf310
Files
4f720900cbf0d5762d719a85c14cf310.exe windows:4 windows x86 arch:x86
b7137cfcd5cdfcf93265036d1f816b03
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapDestroy
Sleep
lstrlenA
CloseHandle
GetDriveTypeA
DeleteFileA
FindClose
HeapCreate
GetStartupInfoA
CloseHandle
CreateFileW
DeviceIoControl
CreateFileMappingW
GetModuleFileNameW
IsDebuggerPresent
TlsAlloc
GetModuleHandleA
GetCommandLineA
LocalSize
GetConsoleAliasA
user32
IsZoomed
GetIconInfo
FindWindowW
PeekMessageA
DispatchMessageA
LoadImageA
DestroyMenu
CallWindowProcW
GetWindowLongA
DispatchMessageA
DrawTextW
IsWindow
DestroyWindow
devenum
DllRegisterServer
DllRegisterServer
DllRegisterServer
DllRegisterServer
rasapi32
DwCloneEntry
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2KB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 872KB - Virtual size: 872KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ