d4873b356b3ca70d85a16bf3f899486d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4873b356b3ca70d85a16bf3f899486d
Size

91KB
MD5

d4873b356b3ca70d85a16bf3f899486d
SHA1

599fd52905f6f7c2341eb6e5a67afc25ec43013d
SHA256

2ef1e640f42bdb4efe201d393d3dd56a3cbcf80a2ddc06be3f8eb8353ca022c8
SHA512

fa3d08ee7dcbfa96a0fafd05ad39fabba0fc4d1edd8a2d55c8e774b8ee3f0fd18ba8a7f547fd7c753b6acc7504275db220a80f48114c105c009cf9c441341b59
SSDEEP

1536:BCYm5YJWq1Z3lnwplkqajahzo67OAUE7sB1yi6SWNER:BCkZu0qajaZouUisBJ6SW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4873b356b3ca70d85a16bf3f899486d

Files

d4873b356b3ca70d85a16bf3f899486d
.exe windows:4 windows x86 arch:x86

d67c417e744959eaea4ebecd8324bc1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
LoadLibraryA
GetCommandLineW
MapViewOfFile
DeleteFileA
RemoveDirectoryW
CreateMutexA
GetVersion
SetLastError
SetLastError
HeapDestroy
RemoveDirectoryW
GetFileSize
OpenEventW
GetStdHandle
GetStartupInfoA
ExitProcess
CreatePipe
ReleaseMutex
lstrlenA
ReleaseSemaphore
CreateFileA
CreateFileMappingW
CreateDirectoryW
VirtualProtectEx

uxtheme

CloseThemeData
GetWindowTheme
IsThemeActive
DrawThemeBackground
GetThemeTextExtent
SetWindowTheme
DrawThemeEdge
GetThemeTextMetrics
GetThemeSysSize
GetThemeColor
CloseThemeData
OpenThemeData
GetThemeBool

hhsetup

??0CFIFOString@@QAE@XZ
??0CFIFOString@@QAE@XZ
??0CFIFOString@@QAE@XZ
??0CFIFOString@@QAE@XZ

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE