c4a9591c52bfeeb28cf12e0e934629a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4a9591c52bfeeb28cf12e0e934629a3
Size

5KB
MD5

c4a9591c52bfeeb28cf12e0e934629a3
SHA1

cc31ddc40f5b3c62a95e40c4dc4516cef1912a1d
SHA256

c2042ced895e03daf5fe37de8d66ed320e2e53f8006856d77deb621e6d6c482b
SHA512

c531d3afa75acfb3cd4ed0fc91cd694ca936f0ae83d4a20d25a1f9a18398dcdf2dbaca60980f5b74a2612e6b96b8cd2cf496b5b8a39748d49b79955909b93a75
SSDEEP

96:r/MSygp+zSF64FOSnz7yQXpddENw5TB2P6t6ka:OgI2vFOaXHXKq5ka

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4a9591c52bfeeb28cf12e0e934629a3

Files

c4a9591c52bfeeb28cf12e0e934629a3
.exe windows:4 windows x86 arch:x86

489f79d02e558f1e1808ce0302d1e68d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
lstrcatA
HeapAlloc
GetProcessHeap
GetModuleHandleA
LoadLibraryA
CloseHandle
GetLastError
lstrlenA
GetFileSize
CreateFileA
FreeResource
GetUserDefaultLangID
LockResource
LoadResource
FindResourceA
EnumResourceNamesA
GetSystemDirectoryA

user32

wsprintfA

wininet

InternetCloseHandle
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetCanonicalizeUrlA
InternetOpenA
InternetCrackUrlA
HttpSendRequestA

version

VerQueryValueA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE