4a4a47027953474cbabb5ea7cd0983ad3d804b1a8de795cd44bb4e4bffe5be7b

General

Target

4a4a47027953474cbabb5ea7cd0983ad3d804b1a8de795cd44bb4e4bffe5be7b
Size

275KB
MD5

add947b48cb2d8cd9e5c7a84a157613b
SHA1

d968f9d9b8721a9a657d7dae83a223b228d7da16
SHA256

4a4a47027953474cbabb5ea7cd0983ad3d804b1a8de795cd44bb4e4bffe5be7b
SHA512

6cb9b74aa3c3a42d5d7ad17873e9061520ee861289c95cdfe14a6dd9805580a78d9a37bd8f31d0d58a47f660170d0c61ff4b4fbd882db9e3dc9a2114f11e1985
SSDEEP

1536:4TFjhnZr8s5yX9ua9QeYPWiTfZG/E/A8yLMXwH+y5rquSSsJ3C/:ef5yXmK+A8yLRHV5OuSSK3C/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a4a47027953474cbabb5ea7cd0983ad3d804b1a8de795cd44bb4e4bffe5be7b

Files

4a4a47027953474cbabb5ea7cd0983ad3d804b1a8de795cd44bb4e4bffe5be7b
.exe windows:4 windows x86

41957c587da6b7a53f5e40ac2af966bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

CreateMutexA
ReleaseMutex
DeleteFileA
GetModuleFileNameA
GetVersionExA
HeapReAlloc
HeapAlloc
HeapFree
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
CreateFileA
SetFilePointer
ReadFile
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetProcAddress
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
VirtualFree
VirtualAlloc
GetFileType
HeapDestroy
HeapCreate
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetStdHandle
SetEndOfFile
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
LoadLibraryA
GetLastError
GetEnvironmentVariableA

user32

GetDlgItem
EnableWindow
SetWindowTextA
SendMessageA
EndDialog
SetFocus
MessageBoxA
DialogBoxParamA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41957c587da6b7a53f5e40ac2af966bc

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 14KB - Virtual size: 160KB

.data1 Size: 2KB - Virtual size: 1KB

.rsrc Size: 214KB - Virtual size: 214KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 14KB - Virtual size: 160KB

.data1
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 214KB - Virtual size: 214KB