4b0eec704f0dcaac716cb941891cbf0fe66201cb454a28c889c853208c80461f[.]exe

General

Target

4b0eec704f0dcaac716cb941891cbf0fe66201cb454a28c889c853208c80461f.exe
Size

116KB
MD5

683367d4fcf71713f6a0b01ff1777180
SHA1

5db25707a12ae21289e56592f5831e1fc5938142
SHA256

4b0eec704f0dcaac716cb941891cbf0fe66201cb454a28c889c853208c80461f
SHA512

f0bb5d0f4c67b0abc4e05d89706e5a8ae1d41fcceca10a529a8998eecddaa98c2b7bc00f52b08c9fb891a88bdf0e598179f8dd9e80a00acb1b98d60215d57c52
SSDEEP

3072:yPvZC1RGnktWXQ2vwJEbBW8ywPjgnIv1jhrr7xx:d14ne8fvTbQ8y01tr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b0eec704f0dcaac716cb941891cbf0fe66201cb454a28c889c853208c80461f.exe

Files

4b0eec704f0dcaac716cb941891cbf0fe66201cb454a28c889c853208c80461f.exe
.exe windows:4 windows x86 arch:x86

b21db30c7eb74c51f8b83d5a8876ab76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapCreate
CreateMutexA
ReleaseMutex
FindResourceA
IsValidLocale
ReadFile
ReadConsoleA
GetLastError
GetFileTime
ReadConsoleA
ReadConsoleA
lstrcpyW
GetStartupInfoW
GetFileSize
CloseHandle
lstrcpyA
GetCurrentDirectoryW
GetModuleHandleA
IsBadStringPtrW
FormatMessageA
SetFileAttributesA

msi

MsiCloseHandle
MsiAdvertiseProductA
MsiCloseAllHandles
MsiCreateRecord

user32

GetWindowTextA
SetCursorPos
IsZoomed
DispatchMessageA
LoadCursorW
IsDialogMessageA
IsCharLowerA
wsprintfW
PostMessageW
GetWindowLongW
PeekMessageW
SetFocus
IsWindow

wldap32

ldap_add

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 1024B - Virtual size: 263B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b21db30c7eb74c51f8b83d5a8876ab76

Headers

File Characteristics

Imports

kernel32

msi

user32

wldap32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 105KB - Virtual size: 104KB

.text1 Size: 1024B - Virtual size: 263B

.data1 Size: 512B - Virtual size: 224B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 105KB - Virtual size: 104KB

.text1
Size: 1024B - Virtual size: 263B

.data1
Size: 512B - Virtual size: 224B