4gb_patch[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4gb_patch.exe
Size

14KB
MD5

49938c8ac3820006ec463ced24dbef56
SHA1

a9600f95171088668d46ebad1b0258c074ae1ab4
SHA256

d32e6e3df8e3f03c135293343e2af017914ebfffa85bc25960c92c6c6d323194
SHA512

47cd8c4d080e6b29d30ab1e5affcd193612a0a871b5053d328a08e0556181dd6212c369978c83c8be3925320fa6105be9a6453690d5e402306104a4831cd7f0b
SSDEEP

192:t+e0p00jQbJP/xw25b0fW70y6BVJ46MrJEt/:v0fjQtxRofE0y67J4PVEt/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4gb_patch.exe

Files

4gb_patch.exe
.exe windows:4 windows x86 arch:x86

238374c4d937c22e696029c19a29cf94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetFileSize
CreateFileW
CopyFileW
GetCommandLineW
ReadFile
lstrcpyW
lstrcatW
VirtualFree
CloseHandle
SetFilePointer
WriteFile
GetCommandLineA
GetStartupInfoW
GetModuleHandleW
lstrlenW
ExitProcess

user32

MessageBeep
SetWindowLongW
LoadCursorW
SendMessageW
SetDlgItemTextW
SetCursor
ShowCursor
GetDlgItem
ChildWindowFromPoint
DialogBoxParamW
EndDialog
BeginPaint
GetSysColor
GetWindowRect
GetParent
MoveWindow
EndPaint
ScreenToClient
GetWindowLongW
MessageBoxW
CallWindowProcW

gdi32

TextOutW
SetBkColor
SetBkMode
DeleteObject
SetTextColor
CreateFontW
GetTextExtentPoint32W
SelectObject

comdlg32

GetOpenFileNameW

shell32

ShellExecuteExW

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ