4041955e1f0f8923492109e879642622871f3357e172a68ddcd2da54dd3af251 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4041955e1f0f8923492109e879642622871f3357e172a68ddcd2da54dd3af251
Size

1.3MB
MD5

b5eb6efae99aafa20f7a2ae098b1fbeb
SHA1

380d02a273c67156787bb89e6474485ec16aa2bc
SHA256

4041955e1f0f8923492109e879642622871f3357e172a68ddcd2da54dd3af251
SHA512

f87cfb4db6be56e286cf234190b9530e8cdd509bf7cab12b5b8bd0023c1af3f1d8f1fa0625b2fdf6fde8f7d36e37a5de21620d7da66baeb5d62624bb3e2c1880
SSDEEP

24576:csHngK+r5jtnGS+oYgP7qBYQkgCeAehzVioihwD2YEKFE:HErdtUJgP7qW2GehzsoiGVEKy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4041955e1f0f8923492109e879642622871f3357e172a68ddcd2da54dd3af251

Files

4041955e1f0f8923492109e879642622871f3357e172a68ddcd2da54dd3af251
.exe windows:4 windows x86 arch:x86

6e9021a3eb01746fba85cf9d4b07f2d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc

user32

GetFocus

Sections

.text
Size: 511KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 812KB - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE