4221acab96e024f70d5aab9ed9f6554d

Sharing

Copy URL Twitter E-mail

General

Target

4221acab96e024f70d5aab9ed9f6554d
Size

260KB
MD5

4221acab96e024f70d5aab9ed9f6554d
SHA1

b428c212e16682313922b2425ebdf1b90df3b8a8
SHA256

49bac0f5ffefe8e1cf3f3246c58d72ba8944249c780167d9f50e178507afa765
SHA512

fd6298d5c9b795c4b67fbbefa67f42f4a4345d2a74f6c88f92416083b5ba2ba4ba8a4be8673b35684e548a177dfe9b9d3bf484f59cd8af3594a3695c01527a08
SSDEEP

6144:Jv2Rl+1ktaVPNG9VIVZgKeKLCw2tjz3MUUjFSC:4c+taLG9OVuKl2tjz3c3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4221acab96e024f70d5aab9ed9f6554d

Files

4221acab96e024f70d5aab9ed9f6554d
.exe windows:4 windows x86 arch:x86

62f4a32fecd4585b63f64a622ecb6bdf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
LoadLibraryExA
FormatMessageA
CreateSemaphoreA
ReleaseSemaphore
FindNextFileA
FreeLibrary
TlsFree
DeleteCriticalSection
GetVersionExA
InitializeCriticalSection
TlsAlloc
SetEvent
GetUserDefaultLCID
LocalFree
lstrlenA
GetCurrentProcessId
OpenEventA
SetThreadPriority
ResetEvent
TerminateThread
LoadLibraryA
GetModuleFileNameW
GetThreadLocale
FindClose
lstrcpyA
lstrcatA
GetProcessHeap
TlsGetValue
HeapAlloc
GetCurrentThreadId
HeapFree
EnterCriticalSection
LeaveCriticalSection
CreateThread
GetModuleHandleA
GetProcAddress
GetModuleFileNameA
CreateEventA
CreateProcessA
CloseHandle
WaitForSingleObject
SearchPathA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
GetSystemDefaultLCID
Sleep
GetLastError
TlsSetValue
GetCurrentProcess
CreateMutexA
SetConsoleCtrlHandler
InterlockedExchange
GetCommandLineA
SetEnvironmentVariableA
WaitForMultipleObjects
GetVersion
GetCPInfo
CompareStringA
GetLocaleInfoW
CompareStringW
SetStdHandle
RaiseException
FlushFileBuffers
EnumSystemLocalesA
GetLocaleInfoA
SetFilePointer
IsValidLocale
GetStringTypeW
IsValidCodePage
WriteFile
GetCurrentThread
GetStringTypeA
GetFileType
GetStdHandle
SetLastError
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
LCMapStringA
MultiByteToWideChar
LCMapStringW
HeapSize
IsBadWritePtr
WideCharToMultiByte
VirtualAlloc
VirtualFree
ExitProcess
TerminateProcess
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
FatalAppExitA
InterlockedDecrement
HeapReAlloc
GetACP
GetOEMCP
HeapDestroy
InterlockedIncrement
GetEnvironmentVariableA
HeapCreate

user32

ReleaseDC
RegisterClassA
GetDC
FillRect
GetWindowRect
GetSysColor
GetDesktopWindow
LoadImageA
RegisterHotKey
WaitForInputIdle
wsprintfA
FindWindowA
UnregisterHotKey
PostMessageA
SetThreadDesktop
CloseWindowStation
CloseDesktop
GetThreadDesktop
OpenDesktopA
OpenWindowStationA
MessageBoxA
GetProcessWindowStation
SetProcessWindowStation
DispatchMessageA
GetActiveWindow
LoadStringA
MsgWaitForMultipleObjects
TranslateMessage
PeekMessageA
IsWindow
CreateWindowExA
RegisterWindowMessageA
SetWindowLongA
PostQuitMessage
DefWindowProcA
DestroyWindow

gdi32

DeleteDC
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
BitBlt

advapi32

OpenSCManagerA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
ControlService
CloseServiceHandle
QueryServiceStatus
OpenServiceA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
DeregisterEventSource
ReportEventA
RegisterEventSourceA
CreateServiceA
DeleteService
RegDeleteValueA
RegSetValueExA

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

62f4a32fecd4585b63f64a622ecb6bdf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 28KB - Virtual size: 46KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 12KB - Virtual size: 8KB

.rrdata Size: 68KB - Virtual size: 68KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 28KB - Virtual size: 46KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 12KB - Virtual size: 8KB

.rrdata
Size: 68KB - Virtual size: 68KB