4d7692e8158be2891aac69d5ea88c6494f51b8da7eed4f9254eb703c7f0c2a8c | Triage

Sharing

General

Target

4d7692e8158be2891aac69d5ea88c6494f51b8da7eed4f9254eb703c7f0c2a8c
Size

62KB
MD5

ae40b9ff551743d565cdee97a246b32a
SHA1

dd3df0d59bf4f116d551b58f7747cdf0e0abc27c
SHA256

4d7692e8158be2891aac69d5ea88c6494f51b8da7eed4f9254eb703c7f0c2a8c
SHA512

b2d110be7e53f46f05184e026406413fe8af3c5c235d7e9fc5fae9ffb3378cc5718be84f6babcb058019b594a51eef6c147bc2edb8fbb4a161f8d2417f467916
SSDEEP

1536:z6xSnfwq4cxW28zEH89/ehxQXp3bDbRRvr9biHB3uVNiL4Omusnh4R2VD:zdVxXEXrqQVfDrD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d7692e8158be2891aac69d5ea88c6494f51b8da7eed4f9254eb703c7f0c2a8c

Files

4d7692e8158be2891aac69d5ea88c6494f51b8da7eed4f9254eb703c7f0c2a8c
.exe windows:4 windows x86 arch:x86

31c353d9055cdd53a2c4c3f30471d7ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateActCtxA
PurgeComm
lstrcat
TermsrvAppInstallMode
SetConsoleScreenBufferInfoEx
CreateJobObjectA
GetExitCodeProcess
CreateActCtxW
GetModuleHandleW
GetConsoleAliasesLengthW
K32QueryWorkingSet

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE