4194efb43c649c35402c655aa5b68650[.]exe

General

Target

4194efb43c649c35402c655aa5b68650.exe
Size

56KB
MD5

4194efb43c649c35402c655aa5b68650
SHA1

0a934f2740856f328e842f4ae504df5b89fe07b8
SHA256

fd6a275c7f2653cd48de8747df43ef27b982ec593ef91111e99c2c7428b81150
SHA512

c3d3c743dbd272b2f1c2092bbbb121683631b02502fec2d91a19f3a3b97f0004fa51f7c49f0d3eaa44befc4d4d48f607e16f61849682537f480457be0f18d5a6
SSDEEP

768:buNZKMI4rD95SacCkVCykJSCEEB7uJBuFayjK9lPSRiTxoX:qf5jSacZCykcCEEBCJBFySEEoX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4194efb43c649c35402c655aa5b68650.exe

Files

4194efb43c649c35402c655aa5b68650.exe
.exe windows:4 windows x86 arch:x86

d370f5f751b8f6d128bbf2c873d56cab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
DeleteFileA
GetCurrentProcess
CreateProcessA
MoveFileA
GetWindowsDirectoryA
CompareStringW
CompareStringA
SetEndOfFile
SetPriorityClass
GetCurrentThread
SetThreadPriority
SetProcessPriorityBoost
GetLastError
Sleep
SetFileAttributesA
GetFileAttributesA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetStdHandle
IsBadCodePtr
CreateDirectoryA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
TerminateProcess
CloseHandle
FlushFileBuffers
WriteFile
ReadFile
SetFilePointer
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
SetEnvironmentVariableA

user32

wsprintfA

advapi32

RegOpenKeyA
RegDeleteValueA
RegCreateKeyA
RegCloseKey
RegSetValueExA
RegQueryValueExA

shell32

SHChangeNotify
ShellExecuteExA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d370f5f751b8f6d128bbf2c873d56cab

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 9KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 9KB