4e2dd77a35d3c386aac1494daafacaaa211b301563c492e69be44191450e8800

Sharing

Copy URL

Twitter E-mail

General

Target

4e2dd77a35d3c386aac1494daafacaaa211b301563c492e69be44191450e8800
Size

593KB
MD5

c6c037b76e750f2ccba870fe7dc6706f
SHA1

e28fe05ed31de3e6a003f5fb89b525ce64f51fd1
SHA256

4e2dd77a35d3c386aac1494daafacaaa211b301563c492e69be44191450e8800
SHA512

06edff26fd72d3306a0219ac1160235dccf2d2f88d4fd747c3c1bd5ee237aab0645e47dbd37539c9c83dd44096a67842d073ab87e4d8eacd79c16dbade630b94
SSDEEP

12288:k0eC2bpjWl8u0WexVol7ZxxUsBdLhaFaGnmoTNYZ:k470WexVol7Zxa0ddaFapCYZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e2dd77a35d3c386aac1494daafacaaa211b301563c492e69be44191450e8800

Files

4e2dd77a35d3c386aac1494daafacaaa211b301563c492e69be44191450e8800
.exe windows x64

777aff4d1b943346a8b22c3cda7537c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CopyFileA
CreateToolhelp32Snapshot
Process32First
Process32Next
DeleteFileA
Beep
GetLastError
WaitForSingleObject
CreateThread
SetThreadPriority
CreateProcessA
GlobalAlloc
GlobalUnlock
GlobalLock
WideCharToMultiByte
GetTempPathA
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThread
FreeResource
GetModuleFileNameA
LoadResource
LockResource
SizeofResource
FindResourceA
WriteConsoleW
SetEndOfFile
HeapReAlloc
HeapSize
CreateFileW
GetStringTypeW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
SetFilePointerEx
GetProcAddress
GetModuleHandleA
OpenProcess
GetCurrentProcessId
CloseHandle
GetFileAttributesA
VirtualProtect
FindNextFileA
FindFirstFileA
FindClose
IsDBCSLeadByte
MultiByteToWideChar
GetTickCount
FlushFileBuffers
Sleep
GetFileSizeEx
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
HeapAlloc
HeapFree
WriteFile
GetStdHandle
GetModuleFileNameW
ReadFile
GetModuleHandleExW
ExitProcess
TerminateProcess
GetCurrentProcess
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwindEx
RaiseException
RtlPcToFileHeader
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentThreadId
GetSystemTimeAsFileTime

user32

GetWindowThreadProcessId
FindWindowA
GetDC
SetWindowPos
PeekMessageA
DispatchMessageA
TranslateMessage
GetAsyncKeyState
DefWindowProcA
GetCursorPos
EnumDisplaySettingsA
LoadCursorA
SetWindowLongA
GetSystemMetrics
GetClipboardData
SetWindowDisplayAffinity
GetWindowDisplayAffinity
SetLayeredWindowAttributes
ShowWindow
CreateWindowExA
RegisterClassExA
MessageBoxA
SendInput
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetWindowInfo
GetWindowLongPtrW
GetWindowLongPtrA
GetWindowLongW
GetWindowLongA
GetWindowWord

gdi32

SetPixelFormat
SelectObject
DeleteObject
CreateFontA
ChoosePixelFormat
SwapBuffers

advapi32

OpenServiceA
OpenSCManagerA
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
StartServiceA

opengl32

glEnd
wglGetProcAddress
wglMakeCurrent
wglUseFontBitmapsW
glBegin
glBlendFunc
glCallList
glClear
glClearColor
glColor4ub
glDeleteLists
glColor3ub
glViewport
glVertex2f
glRasterPos2f
glOrtho
glMatrixMode
glLoadIdentity
glLineWidth
glGenLists
glEnable
wglCreateContext

wininet

InternetOpenA
InternetCloseHandle
InternetConnectA
InternetReadFile
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA

dwmapi

DwmIsCompositionEnabled
DwmExtendFrameIntoClientArea

Sections

.text
Size: 381KB - Virtual size: 381KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

777aff4d1b943346a8b22c3cda7537c0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

opengl32

wininet

dwmapi

Sections

.text Size: 381KB - Virtual size: 381KB

.rdata Size: 123KB - Virtual size: 122KB

.data Size: 21KB - Virtual size: 248KB

.pdata Size: 10KB - Virtual size: 9KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 54KB - Virtual size: 53KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 381KB - Virtual size: 381KB

.rdata
Size: 123KB - Virtual size: 122KB

.data
Size: 21KB - Virtual size: 248KB

.pdata
Size: 10KB - Virtual size: 9KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 54KB - Virtual size: 53KB

.reloc
Size: 2KB - Virtual size: 1KB