4f5e484cc90f74b7f7cd6e8592f88905397e48531e26c9f7e81c82118a41c342 | Triage

Sharing

General

Target

4f5e484cc90f74b7f7cd6e8592f88905397e48531e26c9f7e81c82118a41c342
Size

1.5MB
MD5

7f03adcce4368f11724e57900dcbc718
SHA1

77d5938f7a3d83ac748e5ed99671c51e35f7a9d1
SHA256

4f5e484cc90f74b7f7cd6e8592f88905397e48531e26c9f7e81c82118a41c342
SHA512

244b0dbc00551444fc1fcbea617f2a4970d20f96a83a1eb5be5a7671f961ad184151c9d3a362948944b808030127e288da96ef65776ec6117284e4d40b318ec3
SSDEEP

6144:gZSE8UGJwiYwUfWeR7oHYnOW111mFW+YecdbjMMqcXmr8MMtjyhX9+FL:Y3GFY/jWHYt1yW+Jy3MMq/r8MMP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f5e484cc90f74b7f7cd6e8592f88905397e48531e26c9f7e81c82118a41c342

Files

4f5e484cc90f74b7f7cd6e8592f88905397e48531e26c9f7e81c82118a41c342
.exe windows:4 windows x86 arch:x86

4517235d6f012421e28370dfa4e6f8c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ole32

CoInitialize

rpcrt4

RpcMgmtEpUnregister

Sections

.MPRESS1
Size: 165KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE