04d6fa706bbcb1fe6be35ab5e0576caa

Sharing

Copy URL Twitter E-mail

General

Target

04d6fa706bbcb1fe6be35ab5e0576caa
Size

276KB
MD5

04d6fa706bbcb1fe6be35ab5e0576caa
SHA1

febcac628c787d3d24929955d0d935cfa858dc48
SHA256

d00bbff383596f0e83622565e8e8e88dd3879ee3bb9e84de7ec23d108c3807fe
SHA512

90afff117e1e9d88dc2a86e377677887889f41ce516029a3213928ff124e8cfd9322844f27ef2d651b7fa0442b2fb3b84f69cf4fc9a7c2a8d56188dc3c1f4af8
SSDEEP

6144:iYkMywiXFX541E+2bdOUrc3SiscY787hI2UiX:hkFwkX5qbUMSV6C2U+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04d6fa706bbcb1fe6be35ab5e0576caa

Files

04d6fa706bbcb1fe6be35ab5e0576caa
.exe windows:4 windows x86 arch:x86

a1e07345368f27194ae424933fdd9f49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString

comdlg32

GetFileTitleA

shlwapi

StrCmpNW
StrRetToStrW
StrCmpIW

advapi32

GetSecurityInfo
CopySid
OpenThreadToken
BuildExplicitAccessWithNameW
SetNamedSecurityInfoW
GetSecurityDescriptorLength
OpenSCManagerW
FreeSid
AccessCheck
ImpersonateSelf

version

VerQueryValueA

gdi32

RealizePalette
EnumFontFamiliesW
GetCurrentObject
LPtoDP
PlayMetaFile
AddFontResourceExW
GetEnhMetaFileHeader
StartDocA
CreateRoundRectRgn
CopyMetaFileA
GetDCOrgEx
BitBlt

shell32

SHBrowseForFolderA
SHAppBarMessage

kernel32

GetModuleHandleA
VirtualAlloc
GetCommandLineA
IsProcessorFeaturePresent
OpenEventW
QueryPerformanceCounter
Sleep
FindCloseChangeNotification
GetConsoleOutputCP
GetSystemInfo
OpenProcess
GetModuleHandleW
VirtualQuery
ExitThread
SetStdHandle
lstrcpynW
_lread
FormatMessageA
_lclose
WritePrivateProfileStringA
PulseEvent
GetExitCodeProcess
GetPrivateProfileIntW
HeapSetInformation
GetSystemTime
FindResourceA
FileTimeToSystemTime
GetCurrentThreadId
GlobalLock
SetProcessWorkingSetSize
GetDiskFreeSpaceExW
GetUserDefaultLCID
GetSystemPowerStatus
CreateFileMappingW
GetEnvironmentStrings
WaitForMultipleObjects
GetFileAttributesW
GetPrivateProfileSectionA
MoveFileW
GetLastError
FreeEnvironmentStringsW
SetEnvironmentVariableA
MoveFileExA
GlobalUnlock
OpenEventA
lstrcpynA
GetTempFileNameA
GetDateFormatW
CopyFileA
QueryPerformanceFrequency
GlobalFlags
FindResourceExW
GlobalSize
GetLogicalDrives
GlobalAlloc
ResetEvent
GetOEMCP
CompareStringA
TerminateThread
GetStartupInfoA
CreateDirectoryW
lstrlenA
FindResourceExA
GetShortPathNameA
GetUserGeoID
LCMapStringA
GetDriveTypeW
GetVersionExW
InterlockedIncrement
FreeResource
DeviceIoControl
SetCurrentDirectoryW
UnhandledExceptionFilter
GetVersion
ExitProcess
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement

comctl32

ImageList_DragShowNolock
PropertySheetW
ImageList_Read
ImageList_ReplaceIcon
InitCommonControlsEx

ole32

ReleaseStgMedium
CoSetProxyBlanket
OleQueryCreateFromData
CreateGenericComposite

user32

SetWindowsHookExW
CharPrevW
SetDlgItemTextW
DestroyWindow
InsertMenuW
OpenClipboard
GetSystemMetrics
TrackMouseEvent
CharUpperBuffW
GetWindowPlacement
ReplyMessage
TranslateAcceleratorA
GetCaretBlinkTime
PeekMessageW
CreateWindowExA
GetClientRect
SetDlgItemInt
LoadCursorW
DestroyCursor
GetMenuItemCount
LockWindowUpdate
AllowSetForegroundWindow
ModifyMenuW
GetInputState
LoadBitmapW
CheckMenuRadioItem
DdeCreateStringHandleW
CreateCaret
SetWindowPlacement
RemovePropA
LoadCursorA
CharLowerBuffA
GetNextDlgTabItem
EqualRect
GetFocus
GetWindowTextLengthA
SetWindowLongW
GetWindowWord
GetWindowLongA
wsprintfW
ModifyMenuA
ShowOwnedPopups
GetAsyncKeyState
AppendMenuA
ShowCaret

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1e07345368f27194ae424933fdd9f49

Headers

File Characteristics

Imports

oleaut32

comdlg32

shlwapi

advapi32

version

gdi32

shell32

kernel32

comctl32

ole32

user32

Sections

.text Size: 212KB - Virtual size: 210KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 712B

.text
Size: 212KB - Virtual size: 210KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 712B