4ef427809518d6a487f6309f9342a13900d42dcb0ff26a7dff19a726122e0bfd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ef427809518d6a487f6309f9342a13900d42dcb0ff26a7dff19a726122e0bfd
Size

82KB
MD5

94c73c22e41f193ed105ffa9355d4d8b
SHA1

92b21cc87acdb56e3ada94b3058112f78cc00c94
SHA256

4ef427809518d6a487f6309f9342a13900d42dcb0ff26a7dff19a726122e0bfd
SHA512

580ab7f6f2cd445553e4cb1e0c449714edb7165b9341c407ed35cfd280efa1d29cc7a86c597548f4cef6eb500f6d0e5ce27415f3f0fb438a81394784fe5c309f
SSDEEP

1536:sB+FC9RntfWeoGiPyCHjKDjvQQQtUw2dfkoT/y2ZLJFM:sB+F8tfPN4yCDKDjvQQQt/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ef427809518d6a487f6309f9342a13900d42dcb0ff26a7dff19a726122e0bfd

Files

4ef427809518d6a487f6309f9342a13900d42dcb0ff26a7dff19a726122e0bfd
.exe windows:1 windows x86 arch:x86

17a4bd9c95f2898add97f309fc6f9bcd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcAddress
LoadLibraryA
ExitProcess

Sections

.bss
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NewSec
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.htext
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE