d4e1ffdb6705e4fc066e081129f4ff00

General

Target

d4e1ffdb6705e4fc066e081129f4ff00
Size

10KB
MD5

d4e1ffdb6705e4fc066e081129f4ff00
SHA1

f2d54fad6d86ca07d63984112045b02abefd9bd2
SHA256

c1be09a165a85891caa046a316d085f60be5a53537b21dec0e83a690e1e8c177
SHA512

d8b3ac3133ad4398b0ad7bdbfe19c486a10fa0c03b9cd92652a798645f8cfa593871364c50f0c509a435af8a6a2db94aaa804fcb10c997dfa7c732fa25e7a4b6
SSDEEP

192:0Ykzh7DLZjMHDsBW823Nk1Q3Eq19d1oynOlRwmfxxa:bkNHVjM4BWhUK9d1YlRw6xQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4e1ffdb6705e4fc066e081129f4ff00

Files

d4e1ffdb6705e4fc066e081129f4ff00
.exe windows:4 windows x86 arch:x86

d476f74df4ab17b5fa11fb3730cf8ab8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??2@YAPAXI@Z
memmove
memcpy
_mbscmp
_mbsstr
sprintf
strlen
fseek
fopen
memset
_mbsrchr
fclose
fread
__CxxFrameHandler
strcpy
??3@YAXPAX@Z

msvcp60

?_Xran@std@@YAXXZ
?_Xlen@std@@YAXXZ

kernel32

GetStartupInfoA
GetModuleHandleA
CreateThread
WaitForSingleObject
GetExitCodeThread
DeleteFileA
GetSystemDirectoryA
SetEvent
CreateFileA
GetLastError
Sleep
GetFileSize
WriteFile
GetModuleFileNameA
CreateEventA
OpenEventA
GetCurrentProcess
CloseHandle

user32

TranslateMessage
DispatchMessageA
MessageBoxA
ExitWindowsEx
PeekMessageA

advapi32

RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d476f74df4ab17b5fa11fb3730cf8ab8

Headers

File Characteristics

Imports

msvcrt

msvcp60

kernel32

user32

advapi32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 532B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 532B