af46c5377e4f761d29e96b660fcd244d1ed2a67f8e046f7e143ae30819d8b9e6

Sharing

Copy URL Twitter E-mail

General

Target

af46c5377e4f761d29e96b660fcd244d1ed2a67f8e046f7e143ae30819d8b9e6
Size

1.8MB
MD5

fa469527860ff5f552c453453a756dc4
SHA1

261a522fd3cd76ebfe53d0ed12eb8e633f38589a
SHA256

af46c5377e4f761d29e96b660fcd244d1ed2a67f8e046f7e143ae30819d8b9e6
SHA512

bb358635b96f5010b1162b8d46d9c3c7651a82e0c5f88eb7e2631ef52c75129966336c4e5136c8af1a848715be6e211dbb271fed1be01f5702e2a517099c167f
SSDEEP

49152:hSnxO/TY7zw0LUWmzt/B54gXPhDZkvfE0V:hSSY40LW94MVZkvfE8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af46c5377e4f761d29e96b660fcd244d1ed2a67f8e046f7e143ae30819d8b9e6

Files

af46c5377e4f761d29e96b660fcd244d1ed2a67f8e046f7e143ae30819d8b9e6
.exe windows x86

b408ef08ef2a1570ae61a8c7e8c1c470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SafeArrayGetElement

advapi32

RegFlushKey

user32

GetWindowTextA

kernel32

GetVersion
GetVersionExA
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

gdi32

GetTextExtentPoint32A

version

GetFileVersionInfoSizeA

ole32

CoInitialize

comctl32

ImageList_DragEnter

Sections

.text
Size: - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 52B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b408ef08ef2a1570ae61a8c7e8c1c470

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

version

ole32

comctl32

Sections

.text Size: - Virtual size: 393KB

.itext Size: - Virtual size: 2KB

.data Size: - Virtual size: 7KB

.bss Size: - Virtual size: 19KB

.idata Size: - Virtual size: 9KB

.tls Size: - Virtual size: 52B

.rdata Size: - Virtual size: 24B

.vmp0 Size: - Virtual size: 1.4MB

.vmp1 Size: 1.8MB - Virtual size: 1.8MB

.reloc Size: 512B - Virtual size: 204B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: - Virtual size: 393KB

.itext
Size: - Virtual size: 2KB

.data
Size: - Virtual size: 7KB

.bss
Size: - Virtual size: 19KB

.idata
Size: - Virtual size: 9KB

.tls
Size: - Virtual size: 52B

.rdata
Size: - Virtual size: 24B

.vmp0
Size: - Virtual size: 1.4MB

.vmp1
Size: 1.8MB - Virtual size: 1.8MB

.reloc
Size: 512B - Virtual size: 204B

.rsrc
Size: 4KB - Virtual size: 4KB