c4d7c4fd0bb15c34ddbcee6202b77ddb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4d7c4fd0bb15c34ddbcee6202b77ddb
Size

636KB
MD5

c4d7c4fd0bb15c34ddbcee6202b77ddb
SHA1

87850ba6b304851c2bd5f0fab045500eb3879bae
SHA256

e2ec7e48251a755ab78389a70713320d3c7204f0c0c9296b4e70a12e54fdd0ad
SHA512

1b10063b00fc006bdb60eab657da5863b89555ac0c54668413c6d0315ced98d2891f54733b416b333d77f67f0187eee892a3de6a3110cabd25db967df02035e0
SSDEEP

12288:00aWbWxrYcOgLAxB7iX/IH2wfR9e3nOLdypJPONcgyvK9aLP1d9//:jCduvxB7ivwjfR96nHpJPJQaLv9/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4d7c4fd0bb15c34ddbcee6202b77ddb

Files

c4d7c4fd0bb15c34ddbcee6202b77ddb
.exe windows:4 windows x86 arch:x86

3f07617cac5bd8d1791e584e489dd631

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetTickCount
GetConsoleCP
GetConsoleDisplayMode
SuspendThread
HeapCreate
LocalSize
GetVersion
GetAtomNameA
GetCommandLineA
lstrlenA
InterlockedExchange
WaitForMultipleObjects
GetModuleHandleA
CloseHandle
WaitForSingleObject
GlobalUnlock
CompareFileTime
GetSystemDefaultLangID
HeapReAlloc
VirtualProtect

gdi32

Escape
EngLineTo
CreatePalette
AbortPath
GetRgnBox
DeleteDC
GetMetaFileA
EqualRgn
BeginPath
GetStringBitmapA
FloodFill
DeleteObject
GetFontData
GetTextColor
CreateFontA
CreateICA
GetMetaRgn
EndPath
Ellipse

rastapi

PortClose
DeviceConnect
DeviceDone
DeviceListen
AddPorts

dhcpsapi

DhcpAddServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ