4ff02fb3a55efeb157d164dcd47583fd | Triage

Sharing

General

Target

4ff02fb3a55efeb157d164dcd47583fd
Size

51KB
MD5

4ff02fb3a55efeb157d164dcd47583fd
SHA1

c4b0168282c2b0a546c004d06ecff621be875c2a
SHA256

0ffea6ba02580607e58ef90b64fad7e85433e0132881cec478c1b7c180a467b6
SHA512

4451e025591d9ab7168ca92bc10decaaa6180bcc48840175f4b8dc47384a9e51e4a615a88dfa39c6408f9e371a3c6423f68112bbcd5a0d948a5464f93ab299b3
SSDEEP

768:VNCb/KVFb2pxkFkc/tcFBlALt4jvhHLlPSzCb0VvPQqQGw9lfsFRIo8M:VN2CuqOc/tcF7Q4jvZYzPFQGkSDl8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ff02fb3a55efeb157d164dcd47583fd

Files

4ff02fb3a55efeb157d164dcd47583fd
.exe windows:5 windows x86 arch:x86

fea7cfb3d662399ba397dcac0bf978f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

advapi32

CryptAcquireContextW
CryptHashData
CryptReleaseContext
GetUserNameW
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA

shlwapi

PathCombineW
PathFileExistsW
PathMatchSpecW
StrCmpNIA
wvnsprintfA
wvnsprintfW

user32

CharLowerBuffA
ExitWindowsEx
FindWindowExA
GetClassNameA
GetForegroundWindow
GetMenuItemID
GetWindowLongA
SetProcessWindowStation
SetThreadDesktop

Sections

.doz
Size: 42KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kxqtix
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fuh
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ