4e185afb3f77b2fc00b0a4c6d8c23ef1b8f1ce52d6b1d366a64bec98b058a5a9N | Triage

Sharing

General

Target

4e185afb3f77b2fc00b0a4c6d8c23ef1b8f1ce52d6b1d366a64bec98b058a5a9N
Size

61KB
MD5

8df4ef006d5fcabeebdb27326f1b7ff0
SHA1

a0c5b507d02714dc968c26a106a4baa2683f07f7
SHA256

4e185afb3f77b2fc00b0a4c6d8c23ef1b8f1ce52d6b1d366a64bec98b058a5a9
SHA512

a02993fb70e06a9ed094d1dd6dd15a2c6eac99594b67b8163501eefc630649416c4715c9e72d2f018efb70621eff639f9f4e3093f6b23eeaff90d400a16b433b
SSDEEP

1536:QB27hZMls+WZ7wmzqltdQJWko1ccMGzBN/IJE9Conj:QWHMBWZ7fGtqwtLV+E9/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
4e185afb3f77b2fc00b0a4c6d8c23ef1b8f1ce52d6b1d366a64bec98b058a5a9N

Files

4e185afb3f77b2fc00b0a4c6d8c23ef1b8f1ce52d6b1d366a64bec98b058a5a9N
.exe windows:5 windows x86 arch:x86

7e9fea8202d2a495383dff2cc4aa02d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyState
LoadIconA
IsWindow

gdi32

GetStockObject
CreateFontIndirectW

kernel32

GetSystemWindowsDirectoryW

Exports

Exports

CommonEpisodE
?FinalEpisode@@YGEUCOMMANDLINE094@@WE
?FormalEpisode@@YGEUCOMMANDLINE094@@WE
?SecondEpisode@@YGEUCOMMANDLINE094@@WE
?ThirdEpisode@@YGEUCOMMANDLINE094@@WE

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.track
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hold
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE