?CreateDlgMessage@@YGHPAXPADK|U
Static task
static1
Behavioral task
behavioral1
Sample
4f9ed205553293094942edb953427524.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
4f9ed205553293094942edb953427524.exe
Resource
win10v2004-20231215-en
General
Target
4f9ed205553293094942edb953427524
Size
134KB
MD5
4f9ed205553293094942edb953427524
SHA1
4a098115091ec06df282d357a1b4ae94ed48635d
SHA256
5b7357d64c7c1a956b0fac62e00acc54224f027dbb7d1a2d71c51c5949ea2270
SHA512
4ab2e913109f5caf800052a6396a09de4e4a11c3ef6eacfa1ba728dd51cff8e9f58a7e313985246701eb0e82a63d8d07dfbf031def6d34c27b446188a447203b
SSDEEP
3072:OX2OUECT8nRjdqCg5CBn+hiQLSJRU3Vkry1LMeIUcd+q:SUECT8jZ+hioSJ2arz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4f9ed205553293094942edb953427524
Files
4f9ed205553293094942edb953427524.exe windows:5 windows x86 arch:x86
6769f9b0e4a7c25516115d6ac11046d8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
IsCharUpperW
wsprintfW
KillTimer
GetForegroundWindow
IsCharUpperA
GetWindowDC
DefWindowProcA
InvertRect
PostMessageW
SetDlgItemTextA
FindWindowW
kernel32
CancelIo
LoadLibraryA
GetModuleHandleW
GetModuleFileNameA
lstrlenA
LoadLibraryExA
GetSystemDefaultUILanguage
GetBinaryTypeA
lstrcpyA
LoadLibraryW
gdi32
PolyBezier
BitBlt
LineTo
DPtoLP
CreateHatchBrush
msvcrt
_controlfp
__set_app_type
strlen
__p__fmode
wcstoul
islower
__p__commode
_amsg_exit
_initterm
_ismbblead
vsprintf
_XcptFilter
_exit
_cexit
__setusermatherr
__getmainargs
shlwapi
UrlEscapeA
ChrCmpIW
Exports
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.xyz Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 105KB - Virtual size: 230KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE