d4fbac2e52a98eaf55b6f7cf0dda96d7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4fbac2e52a98eaf55b6f7cf0dda96d7
Size

18KB
MD5

d4fbac2e52a98eaf55b6f7cf0dda96d7
SHA1

fcd7d2ba7a370af6761289b4bd84c3ca826894d7
SHA256

6f2b98cedefd0bf56ebb360c688c4e3213b37ed2a537d1d43aafe27691f38479
SHA512

bae0d046209b71cd5077bf33dfa971123b80ef6ca73f92c17f04fbe3c445e6c06fa439e491a3de922808dbbccec17e767d901f687070b8bc50f52f11d123bb84
SSDEEP

192:Ymkc6JyHDbm3uP43BjkesBjTXLeTLQG8V4XCZxOaFdIZe+ienn0HUSaB8aFv2v3i:Y0PDiXBjqBHoVBX4xOavee40HUSNiYq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4fbac2e52a98eaf55b6f7cf0dda96d7

Files

d4fbac2e52a98eaf55b6f7cf0dda96d7
.exe windows:4 windows x86 arch:x86

ffaac567929fbeac11c470044ebcc4ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
IsDebuggerPresent
ResumeThread
VirtualProtect
GetUserDefaultLCID
GetModuleHandleA
WaitForSingleObject
InterlockedExchange
GetCurrentProcessId
FreeConsole
GetCommandLineA
HeapDestroy
GetTapeStatus
GlobalSize
HeapCreate
GlobalMemoryStatus
GetOEMCP
LoadLibraryA
PeekConsoleInputA
GetACP
GetSystemTime

user32

GetFocus
ReleaseDC
DragDetect
GetClassNameA
GetCursorPos
FrameRect
GetParent
DrawTextA
GetDC
AnyPopup
BeginPaint
EndPaint
GetWindow
wsprintfA
GetTitleBarInfo
SetForegroundWindow
CreateIcon
FillRect
ShowWindow

ntshrui

IsFolderPrivateForUser
SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
IsPathSharedA

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ