04535199[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

04535199.exe
Size

344KB
MD5

a18a130a4d7d24e1494c603149326996
SHA1

0a329ad8bfac8d3581906640666dbda4a8372167
SHA256

63054e85bcad2319e692c774c253bb74c8b39531f6bc64664e7cd4cd7614b6b0
SHA512

e7da66ec0efc584fb83a7b431d7bda20d54eee73f9dcbe9d03d00670ba89ecf390431385f925e4eb699f0ae80c52712af3af81714448304063e0eb8d18883e4d
SSDEEP

6144:4cl0BUPTNL+g2XvqauA83t2LIPJEdUv1ua7fm15cSurQQIMN:4Q0BUrNufaX92cPAa7fmncHX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04535199.exe

Files

04535199.exe
.exe windows x86

bb88efa3bf52d99b0f7a3f2b92d5d5f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConvertThreadToFiber
GetConsoleAliasExesLengthA
BuildCommDCBAndTimeoutsA
InterlockedIncrement
OpenJobObjectA
InterlockedDecrement
SetMailslotInfo
GetLogicalDriveStringsW
FreeEnvironmentStringsA
GetTickCount
EnumCalendarInfoExW
WaitNamedPipeW
EnumTimeFormatsW
GetDriveTypeA
GetVolumePathNameW
GetSystemDirectoryW
SetFileShortNameW
GetPrivateProfileStructW
GetCalendarInfoA
LeaveCriticalSection
GetFileAttributesA
GetExitCodeProcess
WriteConsoleW
SetSystemPowerState
WritePrivateProfileSectionW
CompareStringW
CreateMutexW
EnumSystemLocalesA
GetPrivateProfileIntW
GetCurrentDirectoryW
GetProcAddress
AttachConsole
MoveFileW
SetComputerNameA
SearchPathA
LoadLibraryA
OpenThread
InterlockedExchangeAdd
OpenWaitableTimerW
LocalAlloc
SetCalendarInfoW
MoveFileA
FindFirstVolumeMountPointW
AddAtomW
SetFileApisToANSI
GetDiskFreeSpaceA
GetModuleHandleA
CancelTimerQueueTimer
FreeEnvironmentStringsW
FindNextFileW
GetStringTypeW
EnumDateFormatsW
SetThreadAffinityMask
DeleteFileW
GetCurrentProcessId
SetProcessAffinityMask
GetShortPathNameA
GetVolumeNameForVolumeMountPointA
CloseHandle
SetStdHandle
GetLastError
WideCharToMultiByte
HeapFree
DeleteFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapAlloc
IsProcessorFeaturePresent
HeapCreate
EnterCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringW
MultiByteToWideChar
Sleep
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
LoadLibraryW
HeapReAlloc
FlushFileBuffers
CreateFileW

gdi32

GetCharABCWidthsW
SelectObject

shell32

DuplicateIcon

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 175KB - Virtual size: 638KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb88efa3bf52d99b0f7a3f2b92d5d5f2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

shell32

Sections

.text Size: 85KB - Virtual size: 85KB

.data Size: 175KB - Virtual size: 638KB

.rsrc Size: 82KB - Virtual size: 82KB

.text
Size: 85KB - Virtual size: 85KB

.data
Size: 175KB - Virtual size: 638KB

.rsrc
Size: 82KB - Virtual size: 82KB