4fa1387794137ce9ca2972798e7d5b0f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4fa1387794137ce9ca2972798e7d5b0f
Size

638KB
MD5

4fa1387794137ce9ca2972798e7d5b0f
SHA1

d1c981417d59f6e807c5d4a51c2d7ca03a132193
SHA256

4c259c3acf6658b8cf80d37d87c252a4f9fbf1302fc1a25431905d705326eb89
SHA512

9aa69987211f5aef596ad94261c33e0055fdf5730591f2ff580cfcf442343b538dd2788e18fb86af4c59f6de0b45f4bcc33080851816d191fd32bf7d160d1099
SSDEEP

12288:mgA+k6FrHtj1mzhTBGST08aQMh0+LoaccKU53N4cm9A08/U:DA+ky1mzh8g5arh0+0n44cm9pF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4fa1387794137ce9ca2972798e7d5b0f

Files

4fa1387794137ce9ca2972798e7d5b0f
.exe windows:4 windows x86 arch:x86

d26b1c9549fd66082f16da81a8fdec89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
LoadLibraryA
GlobalUnlock
GetTickCount
GetAtomNameA
GetModuleHandleA
HeapReAlloc
GetConsoleCP
FindAtomA
VirtualProtect
lstrlenA
TlsGetValue
HeapWalk
GetACP
CloseHandle
WaitForSingleObject
CompareFileTime
GetVersion
GetProfileIntA
InterlockedExchange
GetStdHandle

user32

DestroyMenu
GetDlgItem
PostMessageA
SetPropA
ShowWindow
ModifyMenuA
DispatchMessageA
TranslateMessage
DialogBoxParamA
SubtractRect
InsertMenuA
MessageBoxA
PaintDesktop
GetMenu
CreateCaret
EnableScrollBar
GetKeyboardLayout
LoadIconA
InflateRect
CopyRect
SetWindowPos
EqualRect
GetWindowTextA
GetMenuStringA
GetScrollRange
UpdateWindow

msi

MsiCloseHandle
MsiGetMode
MsiDoActionA
MsiEnumClientsA
MsiEnumProductsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ