4c621f6d334e8b4f609233f11e5b130c1a0a01c760e7502ff0974ab9af1698ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c621f6d334e8b4f609233f11e5b130c1a0a01c760e7502ff0974ab9af1698ca
Size

75KB
MD5

fadd54d44bef7aeb74730e99b36829d2
SHA1

fb3fa6837c4fe9bc19bbdd9476ad8966a5cff3ac
SHA256

4c621f6d334e8b4f609233f11e5b130c1a0a01c760e7502ff0974ab9af1698ca
SHA512

61d6bf80e40c2b5153dcd0d14f992ef50609e35ca49cd4e6e048e8acb29a64ff9a080d8049acb5d6b062fb02a8a18a319f6c268ad79a5906f2774ad0348cda92
SSDEEP

1536:Ht7/RLYAsYEbTitiL7K4o8WDnnaq7ymhhCBID/WYmYkDezBsC/CvWnQyZm:F1YTYI+tiS4pgnnnymhhoIqDRezBDCvJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c621f6d334e8b4f609233f11e5b130c1a0a01c760e7502ff0974ab9af1698ca

Files

4c621f6d334e8b4f609233f11e5b130c1a0a01c760e7502ff0974ab9af1698ca
.exe windows:5 windows x86 arch:x86

560067b1a913b93b8a94fc689f5e4db8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualProtect
lstrcmpiA
VirtualAlloc
CreateThread
GetModuleHandleA

user32

SendMessageA
KillTimer
DefWindowProcA
SetTimer
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassExA
LoadIconA
LoadCursorA

Exports

Exports

fgdfgdfg
gtbfdb
start

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ