4245fda123394252fcb7d8aad847dee0bd8e00d2dd3ae8ecfa380db3ce57638f

Sharing

Copy URL Twitter E-mail

General

Target

4245fda123394252fcb7d8aad847dee0bd8e00d2dd3ae8ecfa380db3ce57638f
Size

2.2MB
MD5

ddc820f2729a92bebf339365abde9999
SHA1

602e240ea6ec9d6a3a43f7e69b42620dd9b483e8
SHA256

4245fda123394252fcb7d8aad847dee0bd8e00d2dd3ae8ecfa380db3ce57638f
SHA512

140bc8886fe394bdb424db7bd807e1de7c700de5a0352579fa6aca8d0df0e56444525f94214cf2c655d387f5ad5a749e77993ad345446af163a643926adfcd4d
SSDEEP

49152:XqiUwecpVCeYc3r7H3niMrGciOqFbFRVYpL0S8/6O0:65wNhiMrGcixRYL0E5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4245fda123394252fcb7d8aad847dee0bd8e00d2dd3ae8ecfa380db3ce57638f

Files

4245fda123394252fcb7d8aad847dee0bd8e00d2dd3ae8ecfa380db3ce57638f
.exe windows:6 windows x64

13a6d66e251ff651098254e498c0685e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?always_noconv@codecvt_base@std@@QEBA_NXZ

mfc140

ord14208

kernel32

CreateEventW

user32

FindWindowA

advapi32

AdjustTokenPrivileges

comctl32

InitCommonControlsEx

wininet

InternetReadFile

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-runtime-l1-1-0

_register_thread_local_exe_atexit_callback

api-ms-win-crt-string-l1-1-0

isspace

api-ms-win-crt-utility-l1-1-0

srand

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-filesystem-l1-1-0

_unlock_file

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_setmbcp

msvcrt

free

psapi

GetMappedFileNameW

shell32

SHGetFolderPathW

Sections

.text
Size: 154KB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13a6d66e251ff651098254e498c0685e

Headers

DLL Characteristics

File Characteristics

Imports

msvcp140

mfc140

kernel32

user32

advapi32

comctl32

wininet

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

msvcrt

psapi

shell32

Sections

.text Size: 154KB - Virtual size: 10.3MB

.sedata Size: 2.1MB - Virtual size: 2.1MB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 17KB - Virtual size: 20KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 154KB - Virtual size: 10.3MB

.sedata
Size: 2.1MB - Virtual size: 2.1MB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 17KB - Virtual size: 20KB

.sedata
Size: 4KB - Virtual size: 4KB