Static task: static1
Behavioral task: behavioral1
  Sample: b4e1b8e00be665a457927aacac9478e9.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: b4e1b8e00be665a457927aacac9478e9.exe
  Resource: win10v2004-20240226-en
General
Target: b4e1b8e00be665a457927aacac9478e9
Size: 122KB
MD5: b4e1b8e00be665a457927aacac9478e9
SHA1: 49d929b68e428a0e1cedffd81556dd711d48c3af
SHA256: cb64522823296984d7477db2c5f0dc17747badc1d0ad59475b543cd822327976
SHA512: 35e363a2ccb762eda338d94aba4babc3a499eb37f18f17cd52f13db45e40b7e0b0a6b92641e4b3b41a2486112105b39e9d5a2535bf3bfa6813f2607f6ca92ecb
SSDEEP: 3072:Yhqw/UzZ3WJrnaNQr2NO0jCSNXhbpokiZXXXXXXCk:O4WJrWQaO0jR34XXXXXXt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b4e1b8e00be665a457927aacac9478e9
Files
b4e1b8e00be665a457927aacac9478e9.exe windows:4 windows x86 arch:x86
852a03da70e5f74d8977959bfc75353d
Headers
File Characteristics:
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32:
  EnterCriticalSection
  ExitProcess
  GetModuleFileNameA
  GetModuleHandleA
  GetProcAddress
  IsDebuggerPresent
  LoadLibraryA
  SetCurrentDirectoryA
  TlsSetValue
  VirtualAlloc
  VirtualFree
  VirtualProtect
user32:
  EnableMenuItem
  EnableWindow
  GetClassInfoA
  GetWindowTextA
  IsWindow
  KillTimer
  SystemParametersInfoA
  UnregisterClassA
gdi32:
  CreateDIBSection
  CreateDIBitmap
  CreateHalftonePalette
  GetBitmapBits
  GetObjectA
  LineTo
  SaveDC
  SetBkColor
  SetWinMetaFileBits
shell32:
  ExtractIconW
  SHBrowseForFolder
  SHGetFolderPathA
  ShellExecuteEx
  ShellExecuteExW
Sections
.text Size: 40KB - Virtual size: 40KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rdata Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.data Size: 78KB - Virtual size: 78KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 128KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ