4008755c7ed9de8b90f3a178da001cff

General

Target

4008755c7ed9de8b90f3a178da001cff
Size

210KB
MD5

4008755c7ed9de8b90f3a178da001cff
SHA1

4d018a50dbcca2e8942d777fe8579a16c0c0c17f
SHA256

70091ab38f22c864232a1bda7f7967c4d9b1c41b704c6d6342df2aeb755330f7
SHA512

c679f5854f287f3cb5abe73f8c5b9d4964a49c4f62cc0fc181fc9d9095b4d354228e59f1cb8cfd4be10147e517a6ff925257bb971a0dc23f4fda4c54d84b76d1
SSDEEP

3072:gBwrDrzFqPtmkRm4Jz8wCF8//eYELHlj6OF0ltTkunsZEX5dwiXMFoU6KI:yCWtmkRmxFqpgHl2xlVkfovXMKUJI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4008755c7ed9de8b90f3a178da001cff

Files

4008755c7ed9de8b90f3a178da001cff
.exe windows:1 windows x86 arch:x86

4bf88bae0b04461a51fe6c9a73166f15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
HeapReAlloc
GetModuleHandleA
UnmapViewOfFile
DuplicateHandle
SetUnhandledExceptionFilter
GetDateFormatA
Module32Next
GetStringTypeA
RtlUnwind
GetComputerNameW
IsBadStringPtrA
GetStringTypeW
CreateFileA
GetProcessHeap
GetCurrentThread
LoadResource
GetTimeFormatA
GetCurrentProcessId
ExitProcess
ReadFile
GetACP
lstrcpynA
GetStartupInfoA
LCMapStringW
LockResource
GetCurrentDirectoryA
GetThreadContext
MapViewOfFile
TlsSetValue
lstrcmpA
lstrcpyA
LocalAlloc
DeleteCriticalSection
HeapFree
FindClose
SetEndOfFile
GetLocaleInfoA
WriteFile
TerminateThread
OpenProcess
InterlockedIncrement

user32

LoadImageA
GetDoubleClickTime
InsertMenuA
PostQuitMessage
GetClassNameA
InvalidateRgn
CreateDialogParamA
GetWindowRect
GetPropA
TrackPopupMenuEx
DialogBoxParamA
MapWindowPoints
EnableWindow
SetWindowPos
DispatchMessageA
wsprintfA
CreateIconIndirect
FindWindowExA
KillTimer
TrackPopupMenu
DefMDIChildProcA
DialogBoxIndirectParamA
SetClipboardData
UnionRect
GetMenuItemCount
SetWindowTextA
SetWindowPlacement
MessageBoxA
GetSubMenu
ClientToScreen
GetMessageA
EndDialog
GetUpdateRgn
IsIconic
GetCapture
DeferWindowPos
GetWindowThreadProcessId
DrawIconEx
LoadMenuA

msvcrt

_except_handler3
_initterm
exit
_acmdln
__getmainargs
__p__commode
_exit
__set_app_type
memcpy
__p__fmode
_adjust_fdiv
_controlfp
__setusermatherr
_XcptFilter

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bf88bae0b04461a51fe6c9a73166f15

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 127KB - Virtual size: 126KB

.data Size: 53KB - Virtual size: 60KB

.rsrc Size: 512B - Virtual size: 164B

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 127KB - Virtual size: 126KB

.data
Size: 53KB - Virtual size: 60KB

.rsrc
Size: 512B - Virtual size: 164B