4dbff66d9a4aebf96fb8f6769d60abe8f388967a4c8b84144b5ee7efc7bd167b[.]exe

General

Target

4dbff66d9a4aebf96fb8f6769d60abe8f388967a4c8b84144b5ee7efc7bd167b.exe
Size

119KB
MD5

e92d2eb933e3d7b75a9de2d98cf651f8
SHA1

291bf4ac75f088eeaf5efb18ef27e0bf97547c1b
SHA256

4dbff66d9a4aebf96fb8f6769d60abe8f388967a4c8b84144b5ee7efc7bd167b
SHA512

23dfe4e1f7d489f10a12e57861e10c8dba85036fe999115f91971dcc7d467a43f2fc78d232716b3c8b932d5aa97dcac88fcd14ebec4cfcf9fe2ca121374ef039
SSDEEP

3072:jNjBvUV5wS3U/OUJcBqEftZDePNEqSDV3ywCKUJSbGG:fMV5N3U/rcBX1ZDqNO3dCJJSbGG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dbff66d9a4aebf96fb8f6769d60abe8f388967a4c8b84144b5ee7efc7bd167b.exe

Files

4dbff66d9a4aebf96fb8f6769d60abe8f388967a4c8b84144b5ee7efc7bd167b.exe
.exe windows:5 windows x86 arch:x86

877784e75d985d13bdc55a1f383ebf9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TlsGetValue
GetLogicalDrives
ReadConsoleA
ReadConsoleA
lstrlenA
CloseHandle
HeapSize
ReleaseMutex
FindAtomW
DeleteFileW
GetDriveTypeA
PulseEvent
LoadLibraryW
GetStringTypeW
ReadConsoleA
Sleep
GetStartupInfoA
VirtualProtectEx
GetLastError
GetPrivateProfileSectionA
SearchPathW

dsprop

FindSheet
CheckADsError
ReportError
MsgBox
FindSheet
FindSheet
MsgBox
ErrMsg
CheckADsError
ErrMsg
MsgBox
ReportError
ErrMsg

gpedit

DllCanUnloadNow
DllGetClassObject
ExportRSoPData
BrowseForGPO

Sections

.text
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 704B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 266B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

877784e75d985d13bdc55a1f383ebf9a

Headers

File Characteristics

Imports

kernel32

dsprop

gpedit

Sections

.text Size: 1024B - Virtual size: 788B

.data Size: 1024B - Virtual size: 704B

.rdata Size: 512B - Virtual size: 266B

.rsrc Size: 114KB - Virtual size: 114KB

.import Size: 512B - Virtual size: 136B

.orpc Size: 512B - Virtual size: 73B

.text
Size: 1024B - Virtual size: 788B

.data
Size: 1024B - Virtual size: 704B

.rdata
Size: 512B - Virtual size: 266B

.rsrc
Size: 114KB - Virtual size: 114KB

.import
Size: 512B - Virtual size: 136B

.orpc
Size: 512B - Virtual size: 73B