004bb68e51b2936ed09f255db5ad04c4

General

Target

004bb68e51b2936ed09f255db5ad04c4
Size

27KB
MD5

004bb68e51b2936ed09f255db5ad04c4
SHA1

22699a2b817561c5dc5594d8ae6df8c5aa82cd66
SHA256

c185bb449938604e50b86ff3be95a5cd306a2741479471afb1c8ca4f0766144b
SHA512

de0aaddc670f2d1bf6159139c15f65c359cdd6e4ca76dfe52f6c35b26618b929fc478d99e196a04058cc20b7efda48c4c01d2e34f114a0f34ef2646cc2630668
SSDEEP

768:LQXdmojdl6I0FKusmU0ME0WACvRzkTJqoHw+:UXdmgd4gusmU0M5HCVkTwoj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
004bb68e51b2936ed09f255db5ad04c4

Files

004bb68e51b2936ed09f255db5ad04c4
.exe windows:4 windows x86 arch:x86

b09d0881e7178219c766b986b6619fa9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
WriteFile
ReadFile
DeleteFileA
CloseHandle
GetFileSize
CreateFileA
CreateThread
CopyFileA
GetLastError
CreateEventA
GetStringTypeA
LoadLibraryA
GetProcAddress
GetOEMCP
GetModuleFileNameA
GetCPInfo
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
ExitProcess
CreateDirectoryA
GetWindowsDirectoryA
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
Sleep
WinExec
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetACP
lstrcpynA
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
WideCharToMultiByte

user32

wsprintfA
ShowWindow
SendMessageA
FindWindowExA
FindWindowA
DispatchMessageA
TranslateMessage
CreateDialogParamA
LoadIconA
GetMessageA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegDeleteValueA

wsock32

sendto
connect
WSAStartup
ioctlsocket
htons
socket
recvfrom

shell32

Shell_NotifyIconA

comctl32

InitCommonControlsEx

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b09d0881e7178219c766b986b6619fa9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

shell32

comctl32

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 24KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 24KB