Static task: static1
Behavioral task: behavioral1
Sample: b4f09eb24ae6dc2d4c4a6a19b9c4d025.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b4f09eb24ae6dc2d4c4a6a19b9c4d025.exe
Resource: win10v2004-20240226-en
General
Target: b4f09eb24ae6dc2d4c4a6a19b9c4d025
Size: 18KB
MD5: b4f09eb24ae6dc2d4c4a6a19b9c4d025
SHA1: 3dd40a9b9fd7f2d4dd3f78e81a856700ac96ba7a
SHA256: 273b45d5c0b447d962d0d1fff90700a21f8e48faf4364694c5a4d81ed8ea1631
SHA512: 498d2a2c419e872af913c6bde1b41207dff518e11a54b0c981f6b70c79d3c5eb0241a88beb4be2c625aa359eca6304e6ca262f8172967fc310758cb141b11c73
SSDEEP: 384:fYc77/nphDKtrdf4VpQMOQ+pTCryCI0KQul0szto:gcv/npQtsodSKl0
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: b4f09eb24ae6dc2d4c4a6a19b9c4d025
Files
b4f09eb24ae6dc2d4c4a6a19b9c4d025.exe windows:4 windows x86 arch:x86
fd8567b5239f6e44cf610e4913880d3b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateEventA
GetFileAttributesA
lstrcatA
GetProcAddress
SetEvent
GetModuleFileNameA
GetModuleHandleA
CloseHandle
lstrcpyA
lstrlenA
SetFilePointer
LoadLibraryA
RtlUnwind
ExitProcess
CreateThread
WaitForSingleObject
GetVersionExA
WriteFile
ExitThread
GetTempPathA
CreateFileA
user32
wsprintfA
BeginPaint
DestroyWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
ShowWindow
CreateWindowExA
SetThreadDesktop
CreateDesktopA
CharToOemA
GetDesktopWindow
IsWindow
CloseWindow
Sections
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ