Static task
static1
Behavioral task
behavioral1
Sample
4458cd8f4974fc616e64829b1fffa9569207d760b7c082415e3c72289ef5a14c.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
4458cd8f4974fc616e64829b1fffa9569207d760b7c082415e3c72289ef5a14c.exe
Resource
win10v2004-20231020-en
General
-
Target
4458cd8f4974fc616e64829b1fffa9569207d760b7c082415e3c72289ef5a14c
-
Size
1.4MB
-
MD5
7e459f841826c90b18030c916f14c000
-
SHA1
00ef145204f33dca73efac01ce35fdbb959a4a5c
-
SHA256
4458cd8f4974fc616e64829b1fffa9569207d760b7c082415e3c72289ef5a14c
-
SHA512
2609589e77958dbd757bb1f47e82b95218c5441c5b3cc503ab1e64e64390200d784552c6df87e5c6734082235ad305cee2e76218453271a7bc7b1f2abd105d72
-
SSDEEP
24576:8c0wPhm33xFb25b3qDFT1cGVjeX83t4AUUkL3kpIoIXDQdhY:8c0H3xFb25b65TNVjeX83tIL6Y
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 4458cd8f4974fc616e64829b1fffa9569207d760b7c082415e3c72289ef5a14c
Files
-
4458cd8f4974fc616e64829b1fffa9569207d760b7c082415e3c72289ef5a14c.exe windows:5 windows x86
3a641e8946000b9ffb72f1f3434651d3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReleaseSemaphore
EnterCriticalSection
CreateSemaphoreW
GetThreadPriority
DeleteCriticalSection
CreateThread
GetTickCount
Sleep
CreateFileA
SetFilePointer
DosDateTimeToFileTime
WaitForMultipleObjects
GetDriveTypeA
DeviceIoControl
MulDiv
FreeResource
FindResourceW
LoadResource
SizeofResource
SetThreadPriority
SystemTimeToFileTime
GetCurrentProcess
GetFileType
DuplicateHandle
LocalFree
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
HeapSetInformation
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
MultiByteToWideChar
WideCharToMultiByte
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TerminateThread
GetCurrentThread
InterlockedIncrement
InterlockedDecrement
CreateEventW
ResetEvent
GetOverlappedResult
WriteFile
GetLocalTime
CreatePipe
GetStartupInfoW
ReadFile
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
PeekNamedPipe
DeleteFileW
FindNextFileW
RemoveDirectoryW
FindClose
GetCurrentDirectoryW
GetTempPathW
GlobalUnlock
GetModuleFileNameW
CopyFileW
GlobalAlloc
GetModuleHandleW
GlobalLock
CreateDirectoryW
FindFirstFileW
CloseHandle
GetLastError
CreateFileW
GetFileSize
GetProcAddress
LoadLibraryW
LockResource
IsProcessorFeaturePresent
user32
SetTimer
DestroyWindow
ClientToScreen
EndPaint
LoadCursorW
CharNextW
SetCursor
GetMonitorInfoW
MapWindowPoints
GetCursorPos
MonitorFromWindow
IntersectRect
GetParent
GetFocus
IsRectEmpty
SetWindowPos
GetCaretBlinkTime
EnableWindow
GetCaretPos
GetWindowTextLengthW
SetCaretPos
CreateCaret
GetSysColor
GetWindowLongW
ShowCaret
GetKeyState
HideCaret
DispatchMessageW
GetWindow
CallWindowProcW
GetPropW
GetSystemMetrics
RegisterClassW
ScreenToClient
IsWindow
SetWindowLongW
RegisterClassExW
TranslateMessage
SetPropW
GetClassInfoExW
LoadImageW
IsIconic
PostQuitMessage
GetMessageW
GetWindowRect
IsWindowVisible
GetActiveWindow
UnionRect
GetUpdateRect
KillTimer
CharPrevW
DrawTextW
OffsetRect
wvsprintfW
IsZoomed
SetWindowRgn
SetWindowTextW
SendMessageW
MessageBoxW
RegisterDeviceNotificationW
FillRect
SetCapture
InvalidateRgn
CreateWindowExW
ShowWindow
GetDlgItem
GetWindowTextW
EnumWindows
GetClientRect
CreateAcceleratorTableW
PostMessageW
MoveWindow
DefWindowProcW
ReleaseCapture
ReleaseDC
InvalidateRect
GetGUIThreadInfo
GetDC
PtInRect
BeginPaint
SetFocus
SetRect
gdi32
DeleteDC
GetTextMetricsW
BitBlt
SetWindowOrgEx
TextOutW
ExtSelectClipRgn
RoundRect
GetClipBox
CreateRoundRectRgn
SetStretchBltMode
GetCharABCWidthsW
ExtTextOutW
SelectObject
CreateRectRgnIndirect
CreatePenIndirect
SelectClipRgn
GdiFlush
SetBkColor
StretchBlt
CreateDIBSection
LineTo
GetTextExtentPoint32W
MoveToEx
CreateCompatibleBitmap
CreateCompatibleDC
Rectangle
SaveDC
CreatePen
RestoreDC
CreateFontIndirectW
GetObjectW
GetStockObject
GetObjectA
SetTextColor
SetBkMode
CreatePatternBrush
CreateSolidBrush
DeleteObject
CombineRgn
GetDeviceCaps
comdlg32
GetOpenFileNameW
ole32
CreateStreamOnHGlobal
CoInitialize
CLSIDFromString
CoCreateInstance
OleLockRunning
CoUninitialize
CLSIDFromProgID
oleaut32
VariantInit
VariantClear
SysFreeString
SysAllocString
msvcr100
memcpy
memset
_CxxThrowException
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_onexit
_lock
__dllonexit
_unlock
calloc
_gmtime64
_wcslwr
memmove
realloc
wcsncmp
iswalnum
_itow
isdigit
wcstod
_wtof
??_U@YAPAXI@Z
??_V@YAXPAX@Z
wcstol
wcstoul
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
wcsncpy
_wtoi
wcsstr
isprint
isspace
exit
_fseeki64
_ftelli64
ferror
fopen
toupper
fclose
fseek
ftell
fwrite
fread
_wfopen
fflush
_stricmp
strstr
strchr
wcsrchr
strrchr
_strnicmp
atoi
tolower
atol
free
malloc
wcschr
printf
_vsnprintf
_wcsicmp
_vsnwprintf
feof
ws2_32
socket
inet_addr
WSAStartup
connect
recv
ioctlsocket
closesocket
gethostbyname
send
WSACleanup
htons
setupapi
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
hid
HidD_GetHidGuid
gdiplus
GdipSetSmoothingMode
GdipGetFamily
GdipDeleteFontFamily
GdipDrawString
GdipSetCompositingQuality
GdipCreateLineBrushI
GdipSetInterpolationMode
GdipCreateStringFormat
GdipSetPixelOffsetMode
GdipDeleteStringFormat
GdipDrawImage
GdiplusStartup
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImageHeight
GdipFree
GdipLoadImageFromStream
GdipGraphicsClear
GdipSetStringFormatAlign
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDeleteFont
GdipSetTextRenderingHint
GdipSetStringFormatLineAlign
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipDeleteBrush
GdiplusShutdown
GdipImageGetFrameCount
GdipGetImageWidth
GdipCloneImage
GdipImageGetFrameDimensionsCount
GdipCreateFromHDC
GdipGetPropertyItemSize
GdipDisposeImage
GdipAlloc
GdipCreateFontFromDC
imm32
ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmGetContext
comctl32
ord17
_TrackMouseEvent
Sections
.text Size: 316KB - Virtual size: 316KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 662KB - Virtual size: 661KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 291KB - Virtual size: 304KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 115KB - Virtual size: 115KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ