4886176df92a37cebb43977c5589802db3fd1277b81645c04e1550031de7c7d5N | Triage

Sharing

General

Target

4886176df92a37cebb43977c5589802db3fd1277b81645c04e1550031de7c7d5N
Size

249KB
MD5

1888629cc6093cf858a63e3029701f10
SHA1

857e5b21dd7fbc892fc497e27d15cac79e04854d
SHA256

4886176df92a37cebb43977c5589802db3fd1277b81645c04e1550031de7c7d5
SHA512

17358df9ef7b294ff82ef3fb41d292c6043f543aa2dbcb01ef3da249af019b9c432aae4825f7bdeb8dd062a24d77225a9e19965a0fc3fd2f2e68f44e6c639b94
SSDEEP

6144:ztjaHaosPOvb27I91wkpzPQ/d45JCxlZd4izCW5rRhg21:lagPOvb27SJm45OOizCW5N1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4886176df92a37cebb43977c5589802db3fd1277b81645c04e1550031de7c7d5N

Files

4886176df92a37cebb43977c5589802db3fd1277b81645c04e1550031de7c7d5N
.exe windows:4 windows x86 arch:x86

be54e3d0345cbe340acbd76c55c2702e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
FindClose
SuspendThread
InitializeCriticalSection
HeapSize
CreateMutexW
GetCurrentDirectoryA
SetEndOfFile
CloseHandle
ResetEvent
CreateFileA
WaitForSingleObject
ReleaseMutex
GetModuleHandleA
DeleteFileA
ExitProcess
GetTickCount
GetFileSize
GetStartupInfoW
GetSystemInfo
AddAtomW
FindClose
GetTickCount
GetEnvironmentVariableA
HeapCreate

wininet

DeleteUrlCacheEntryA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpDeleteFileA
HttpQueryInfoA
FtpFindFirstFileA
FtpCreateDirectoryA
FtpPutFileA
HttpEndRequestA
DeleteUrlCacheEntryA
FindCloseUrlCache
FtpGetFileA
DeleteUrlCacheEntryA

perfos

CloseOSObject
CloseOSObject
CloseOSObject
CloseOSObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ