4f83673083acc626bd2370e9e3c1a7f6 | Triage

Sharing

General

Target

4f83673083acc626bd2370e9e3c1a7f6
Size

22KB
MD5

4f83673083acc626bd2370e9e3c1a7f6
SHA1

e0d570ccabfdbd31a426b30dfe8c041cf9983710
SHA256

77eb49ee873f9300f22557a97d584aadd14ca2cef5b98e7139fba50a027cdda6
SHA512

3f6248ffbf50392f6e1fbf455c6e724e5b0a47c2d719cb40a89111f3372e6a0d47a4ffde8414256c847fe4e5584e6e571e0e6cd10434d9e8eb44f070300cda36
SSDEEP

384:y/TFM9P4ufUR05Q5AD+SW3xaJr8z13Q0XSHxSz+QJn:yZTl5K+5Kr8z13Q9AJn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f83673083acc626bd2370e9e3c1a7f6

Files

4f83673083acc626bd2370e9e3c1a7f6
.exe windows:4 windows x86 arch:x86

fefe877f43a09bb31b57d352b35fbcdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CloseServiceHandle
OpenServiceW
RegEnumValueW
OpenProcessToken
LookupPrivilegeValueW
AllocateAndInitializeSid
AddAce
OpenSCManagerW
FreeSid
CopySid
RegOpenKeyW
InitializeAcl

ole32

CoGetStdMarshalEx
OleSetAutoConvert
OleSaveToStream
OleCreateFromFile
OleFlushClipboard
CoRegisterSurrogate
OleQueryCreateFromData
CoGetMalloc
OleDoAutoConvert
CoIsHandlerConnected
OleCreateLinkEx
CoDosDateTimeToFileTime

ntdll

ZwWriteFile
NtQueryInformationPort
ZwQueryAttributesFile
strstr
RtlLengthRequiredSid
NtSetSecurityObject
RtlCreateAcl
NtReplyWaitReplyPort
_strcmpi
vsprintf
RtlEnlargedIntegerMultiply
ZwUnloadDriver

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE