c4788b7c9b40a68793ebaf01d98d256a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4788b7c9b40a68793ebaf01d98d256a
Size

72KB
MD5

c4788b7c9b40a68793ebaf01d98d256a
SHA1

27250b6888d0267cd5b7aa36c116394311b652cf
SHA256

d59d43beb382e398583a0ae048c6a7017ff10f8ab0dd7de1ff12326c1f048a5c
SHA512

3d434997c44ca54040d25f80b8a5774c630fd1250225ac606a5a1018e6c0c30b9d06c798aa7008b717fec1f38b187a168e45f51939acf64f7276b38878d458bc
SSDEEP

1536:Wgh6FlY04SjTDdsziefaMfXboN1PNIT+N3mEMWPpssn+kMJ:TEzhjTD6ieNTCPiT+JmEMet

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4788b7c9b40a68793ebaf01d98d256a

Files

c4788b7c9b40a68793ebaf01d98d256a
.exe windows:4 windows x86 arch:x86

312186a36f2d79dac5ae6b1bb8c68f7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
ExitThread
FileTimeToLocalFileTime
FindResourceA
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
InterlockedExchange
IsBadReadPtr
IsBadStringPtrA
LCMapStringW
LoadResource
MultiByteToWideChar
ResumeThread
RtlUnwind
SetEnvironmentVariableA
SetLastError
SetStdHandle
SetUnhandledExceptionFilter

msvcrt

_cexit
_wcsicmp
fwprintf
setlocale
__p__fmode

user32

GetSubMenu
CheckMenuItem
MessageBoxA
ModifyMenuA
SetCursor
CreateDialogParamA
GetPropA
MsgWaitForMultipleObjects

oleaut32

SysStringLen
SafeArrayDestroy
SetErrorInfo
SysFreeString
VarBstrCat
ClearCustData
SysReAllocString

shlwapi

PathGetDriveNumberA
SHEnumKeyExA
PathAppendA

Exports

Exports

ServerGetApplicationType

Sections

.text
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ