4f9a3de70b448e674ac13289761109c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f9a3de70b448e674ac13289761109c7
Size

17KB
MD5

4f9a3de70b448e674ac13289761109c7
SHA1

6f52199b034c2a9462f7fa9d882e9ceab9ad70a9
SHA256

0a6d89dc1d00f29ad80dec1675b8267d744f94755ac4fe89d128ac7e181e421d
SHA512

19839b131a3c5a0830d4a61505d9ae6f08162b115e204490f31b3abcb69513650f5a4bfee8f58a4292cd5a138eb0ac24b9fa2c82dcfd1877a3c34be6b403bb89
SSDEEP

192:VqmdV2y/ysZ0NSgm3OMqJuvde4OVxUtSbD6yeiC5L420pZ4mP6Qi5yno1m9k:V/V2XSgrMqAo/V6OC5L6X4mPi5yo8e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f9a3de70b448e674ac13289761109c7

Files

4f9a3de70b448e674ac13289761109c7
.exe windows:4 windows x86 arch:x86

233d43c85d3e6d8c909589d1c7274413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetCursor
LoadImageA
GetMessageA
DrawTextA

kernel32

SetEndOfFile
lstrcmpA
WriteFile
VirtualAlloc
TlsSetValue
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
GetModuleHandleA
GetStartupInfoA
LoadLibraryA
Sleep

ole32

CoInitializeSecurity
OleCreateLink
WriteClassStg
CoGetCurrentProcess

Sections

.text
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

code
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE