f4a489ecc555246b6ac3797505312b24f9bfe0f112d67a97af4b3a53ca69a37b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4a489ecc555246b6ac3797505312b24f9bfe0f112d67a97af4b3a53ca69a37b
Size

3.3MB
MD5

cec09efda5b0dc9348ce7e2d3b9778c0
SHA1

dacd4c6d2ac9930963399914cf2765e54f37ba60
SHA256

f4a489ecc555246b6ac3797505312b24f9bfe0f112d67a97af4b3a53ca69a37b
SHA512

13597d797729843968ed79657eecb4c02ae9dda07b8e828909f1f40231ef7a6514af1d2c8e9693bd7cbd3b429be1928b30e285857ead05afcbd9e4c9aac4b532
SSDEEP

98304:Niki9NDDMyKWW6qd5s5wT5TcI6ygks+53+:Nif91cWW6O5siIJygks

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4a489ecc555246b6ac3797505312b24f9bfe0f112d67a97af4b3a53ca69a37b

Files

f4a489ecc555246b6ac3797505312b24f9bfe0f112d67a97af4b3a53ca69a37b
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

LTGetILTMemory
SetMasterDatabase

Sections

Size: 1.8MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 178KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gwgfgdrt
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jbythabf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE