4a5ef8863dfb6c304b09e45caadbd7fd4ea7b38dd744714c7123f5cde33c5c1d

General

Target

4a5ef8863dfb6c304b09e45caadbd7fd4ea7b38dd744714c7123f5cde33c5c1d
Size

322KB
MD5

50ea8d2983a9831fd385f6082b2d5295
SHA1

100ebfcad7465cd6136e5ae8302618f595dca272
SHA256

4a5ef8863dfb6c304b09e45caadbd7fd4ea7b38dd744714c7123f5cde33c5c1d
SHA512

371ed1a8d311f8da8d186b3b9822e2ad48341b28965c9c7996b025e976a15a6afb9f064508f5c8b5fc403f9fb0405a989a32c0e03a43a7b47e57f8d74ea7431b
SSDEEP

3072:4aP9tk+tyst4bHeZKXjXB4sGh9uoooooooz:X8+RibHewLB4t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a5ef8863dfb6c304b09e45caadbd7fd4ea7b38dd744714c7123f5cde33c5c1d

Files

4a5ef8863dfb6c304b09e45caadbd7fd4ea7b38dd744714c7123f5cde33c5c1d
.exe windows:4 windows x86

79523906ca49fd7563c4b81f635dbfb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
CloseHandle
CreateMutexA
ReleaseMutex
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetLastError
UnhandledExceptionFilter
SetStdHandle
GetProcAddress
HeapReAlloc
HeapAlloc
GetFileType
CreateFileA
WriteFile
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
VirtualFree
VirtualAlloc
GetEnvironmentVariableA
HeapDestroy
HeapCreate
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
SetFilePointer
SetHandleCount
GetStdHandle
FlushFileBuffers

user32

SetFocus
GetDlgItem
EndDialog
CheckRadioButton
CheckDlgButton
MessageBoxA
DialogBoxParamA
IsDlgButtonChecked

comctl32

ord17

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79523906ca49fd7563c4b81f635dbfb6

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 19KB

.data1 Size: 1024B - Virtual size: 620B

.rsrc Size: 283KB - Virtual size: 282KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 19KB

.data1
Size: 1024B - Virtual size: 620B

.rsrc
Size: 283KB - Virtual size: 282KB