Static task: static1
Behavioral task: behavioral1
Sample: 4f932d10d1046c3da5f757a8a309597a.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 4f932d10d1046c3da5f757a8a309597a.exe
Resource: win10v2004-20231215-en
General
Target: 4f932d10d1046c3da5f757a8a309597a
Size: 44KB
MD5: 4f932d10d1046c3da5f757a8a309597a
SHA1: 781a974e6450b71ad50e4f168c4efe100d48bbb0
SHA256: fc0dc09c03000ec1c1b4068f1af31262b2251c152d7c857cdc7894c6378ea894
SHA512: 1ca8d43445460bfa0f30a1c3cf02ce470c115554d9428dd4171a40b4f92fdee42450ed0edb8e7ccc868785288b9b62b3f9cbb5ea1991f583eb0eb85b51f59c02
SSDEEP: 768:IWoReVRbuqWj+1TLiFaCuYTw+IsZgm/YMQ/pSs1L0F/p/0C9T2LyuF:ILAIqZviFJX0jCYltL0xC2TPI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4f932d10d1046c3da5f757a8a309597a
Files
4f932d10d1046c3da5f757a8a309597a.exe windows:4 windows x86 arch:x86
744a77e56a34dbc341ec7c6fe909dc82
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalReAlloc
LoadLibraryA
FormatMessageA
GetCurrentProcess
GetProcessPriorityBoost
_lclose
FlushViewOfFile
GetPrivateProfileStringW
GetFileAttributesA
GetTempFileNameW
lstrcpyn
lstrcatA
GetLastError
GetCurrentConsoleFont
EndUpdateResourceW
lstrlen
VirtualProtectEx
TerminateProcess
GetCPInfoExA
UpdateResourceW
GetProcAddress
GetCurrentDirectoryW
GetLocaleInfoW
SuspendThread
Heap32First
SetCalendarInfoA
WriteConsoleW
FormatMessageW
DuplicateConsoleHandle
UTUnRegister
SetEnvironmentVariableW
PeekConsoleInputA
lstrcat
SetConsoleInputExeNameA
user32
SetCapture
Sections
.text Size: 4KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE