4622db2716a5a4bb746b9d70502fb6c11a96448789314b932c560b4349ec54d8[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

4622db2716a5a4bb746b9d70502fb6c11a96448789314b932c560b4349ec54d8.exe
Size

1.7MB
MD5

4c96e3aac729e7f537532dc1e18b0736
SHA1

6b1debe432a0bf8c86f4126aeef01f78ae66a292
SHA256

4622db2716a5a4bb746b9d70502fb6c11a96448789314b932c560b4349ec54d8
SHA512

2c96d8daf55c3fb993dad72e4ece319124429972591efd84625f9c1a18f9983dcfb5247a6360b95b0cd8e9ebf22fa508995a866d7a745fcf7bf6e3bbfa782a86
SSDEEP

24576:pYPuGvVat/N1R69CJSOXhh2UZWZ4FI7RjYsqeXvInk/ho7/Em:pwuM0/N1uOXhh2UM4FI7lYbEvIk/9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4622db2716a5a4bb746b9d70502fb6c11a96448789314b932c560b4349ec54d8.exe

Files

4622db2716a5a4bb746b9d70502fb6c11a96448789314b932c560b4349ec54d8.exe
.exe windows:6 windows x64 arch:x64

b8c60050cd8bde99325dc839f8dc3b17

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shlwapi

PathIsDirectoryW
PathIsRelativeW
PathCanonicalizeW
PathIsRootW
SHDeleteKeyW
PathAppendW
PathRemoveFileSpecW
PathUnquoteSpacesW
SHAutoComplete
PathCompactPathExW
StrFormatByteSizeW
AssocQueryStringW
StrCmpLogicalW
PathIsURLW
PathFileExistsW
PathRelativePathToW
SHSetValueW
SHGetValueW

uxtheme

BufferedPaintSetAlpha
EndBufferedPaint
BeginBufferedPaint
CloseThemeData
SetWindowTheme
OpenThemeData
GetThemeColor
GetThemeInt
GetThemeBackgroundContentRect
DrawThemeBackground

kernel32

GlobalUnlock
GlobalAddAtomW
DeleteAtom
lstrlenW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetCurrentThreadId
GetFullPathNameW
GetLongPathNameW
GetShortPathNameW
GetModuleFileNameW
CreateFileW
CloseHandle
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
FormatMessageW
GetTickCount64
GetWindowsDirectoryW
GetCurrentProcess
GetFileTime
WriteFile
SetFileTime
GetFileSizeEx
GlobalMemoryStatusEx
ReadFile
WideCharToMultiByte
GetFileSize
FlushFileBuffers
SetFilePointer
SetEndOfFile
SetDllDirectoryW
CreateMutexW
SystemTimeToFileTime
SetErrorMode
GetUserDefaultLCID
GetStringTypeExW
LCMapStringW
ExpandEnvironmentStringsW
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
GetStringTypeExA
LCMapStringA
GetSystemTime
FileTimeToSystemTime
CreateThread
CreateProcessW
GetFileInformationByHandle
CompareFileTime
CopyFileW
GetFileAttributesW
SetFileAttributesW
MoveFileExA
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetDateFormatW
GetTimeFormatW
CreateFileA
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GlobalFree
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapReAlloc
GlobalLock
IsValidLocale
GetLocaleInfoW
CompareStringW
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
GetFileType
HeapAlloc
HeapFree
GetStdHandle
SetEnvironmentVariableW
ExitProcess
RtlUnwind
LoadLibraryExW
TlsFree
GlobalAlloc
TlsGetValue
TlsAlloc
RtlUnwindEx
CreateFileMappingA
GetModuleHandleA
MapViewOfFileEx
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
GetCPInfo
CompareStringEx
GetSystemTimeAsFileTime
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
LCMapStringEx
DecodePointer
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoEx
RaiseException
RtlPcToFileHeader
IsProcessorFeaturePresent
GetModuleHandleExW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitOnceBeginInitialize
InitOnceComplete
GetNativeSystemInfo
WaitForSingleObjectEx
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
GetStringTypeW
FormatMessageA
FindNextFileW
FindClose
FindFirstFileW
FindFirstFileExW
lstrcpynW
Sleep
LoadLibraryA
GetModuleHandleW
MulDiv
GetLastError
GetProcAddress
FreeLibrary
LoadLibraryW
SetLastError
VerifyVersionInfoW
VerSetConditionMask
LocalFree
LocalAlloc
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
HeapSize
WriteConsoleW
lstrcpyW
EnumSystemLocalesW
TlsSetValue

user32

ReleaseCapture
GetClassNameW
InvalidateRgn
BeginPaint
GetClientRect
GetWindowLongPtrW
SendMessageW
GetWindowTextLengthW
GetWindowTextW
EndPaint
DrawTextW
InflateRect
GetWindowRect
GetCursorPos
PtInRect
GetFocus
GetSystemMetrics
IntersectRect
MapWindowPoints
GetParent
GetDC
ReleaseDC
ScreenToClient
SystemParametersInfoW
DialogBoxParamW
CreateDialogParamW
EnableWindow
ShowWindow
BringWindowToTop
SetForegroundWindow
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
DestroyWindow
EndDialog
SetFocus
GetSysColor
PostMessageW
GetKeyState
RedrawWindow
CreatePopupMenu
CheckMenuItem
CreateDialogIndirectParamW
GetWindowPlacement
GetDesktopWindow
CopyRect
CheckRadioButton
SendDlgItemMessageW
AppendMenuW
InsertMenuW
DestroyMenu
GetDCEx
LoadStringA
SetTimer
KillTimer
IsDlgButtonChecked
EnumWindows
RegisterWindowMessageW
TrackPopupMenu
GetSubMenu
LoadMenuW
ClientToScreen
LoadStringW
SetDlgItemTextW
DrawIconEx
GetSysColorBrush
SetClipboardData
EmptyClipboard
OpenClipboard
CloseClipboard
EnumDisplayMonitors
GetMonitorInfoW
SetWindowTextW
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemCount
GetSystemMenu
EnumThreadWindows
EnumChildWindows
CloseWindow
LoadCursorW
SetCursor
SetCapture
CheckDlgButton
DrawFocusRect
RemovePropW
GetPropW
SetPropW
RegisterClipboardFormatW
IsZoomed
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
InvalidateRect
SetWindowRgn
CallWindowProcW
SetWindowPlacement
MoveWindow
GetWindowDC
SetLayeredWindowAttributes
MessageBoxW
SetCursorPos
GetDlgItemTextW
DefDlgProcW
CreateWindowExW
SetWindowLongPtrW
GetDlgItem
LoadImageW
SetWindowPos
OffsetRect

gdi32

PatBlt
SelectObject
GetDeviceCaps
SetBkColor
ExtTextOutW
GetObjectW
SetBkMode
DeleteObject
SetTextColor
EnumFontsW
CreateSolidBrush
CreateRectRgn
CreateFontIndirectW
SetRectRgn
CreateRectRgnIndirect
CombineRgn

comdlg32

GetOpenFileNameW

advapi32

CryptReleaseContext
CryptCreateHash
CryptHashData
CryptDestroyHash
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
CryptGetHashParam
CryptAcquireContextW

shell32

SHGetDesktopFolder
ord701
DragQueryFileW
SHGetFolderPathW
SHGetFileInfoW
ShellExecuteW
ShellExecuteExW
SHGetKnownFolderPath
SHCreateItemFromParsingName

ole32

OleInitialize
CoInitializeEx
OleUninitialize
RegisterDragDrop
DoDragDrop
ReleaseStgMedium
CoGetApartmentType
CoGetObjectContext
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoTaskMemFree
OleDuplicateData

gdiplus

GdipDrawPath
GdipDrawRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipAddPathArcI
GdipClosePathFigure
GdipResetPath
GdipDeletePath
GdipCreatePath
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipStartPathFigure

comctl32

ord413
InitCommonControlsEx
ord410
ord412
ord381
ImageList_GetImageCount
ImageList_GetImageInfo

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8c60050cd8bde99325dc839f8dc3b17

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

uxtheme

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

gdiplus

comctl32

version

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 202KB - Virtual size: 201KB

.data Size: 21KB - Virtual size: 30KB

.pdata Size: 41KB - Virtual size: 40KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 135KB - Virtual size: 135KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 202KB - Virtual size: 201KB

.data
Size: 21KB - Virtual size: 30KB

.pdata
Size: 41KB - Virtual size: 40KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 135KB - Virtual size: 135KB

.reloc
Size: 6KB - Virtual size: 5KB