4120031766754b3ad7871a46bf63ffb1

Sharing

Copy URL

Twitter E-mail

General

Target

4120031766754b3ad7871a46bf63ffb1
Size

82KB
MD5

4120031766754b3ad7871a46bf63ffb1
SHA1

375790db6c25c24a27ca4e37652d18744598413e
SHA256

3e051ac0ff48d2074ccaee9d14b658a31939d38dcee2906530573db042867836
SHA512

0e3d709c091d2393788c3b96e1b36457e24ee1f981c461de752491ea5c6c62fb4fbbb3e855113ff9e2f57955e2e7bb8e12dc1bef4dcb4b0c392dea5257ece6bd
SSDEEP

1536:KPK9APoel6me/+GsiCAIchynATX9S2WZWTU7im0pHmXOXkfrUSZFSHcZU4h:KPK9+o7me/+9iCAIa9TX0uHhXKrtZFO8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4120031766754b3ad7871a46bf63ffb1

Files

4120031766754b3ad7871a46bf63ffb1
.exe windows:5 windows x86 arch:x86

3f6767c80f54a1bbc6429294d0cda1cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumValueA

atl

AtlMarshalPtrInProc

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

user32

DestroyIcon
LoadImageA
IsDialogMessageA
SendMessageA
GetDlgItem
EndDialog
DialogBoxParamA
PeekMessageA
MsgWaitForMultipleObjects
ReleaseDC
GetDC
wsprintfA
GetWindowRect
DispatchMessageA
SetWindowPos
DestroyWindow
DrawTextA
MessageBoxA
IsDlgButtonChecked
GetSysColor
GetWindowTextA
GetClientRect
InvalidateRect
CharUpperA
LoadBitmapA
CheckDlgButton
SetWindowLongA
CharPrevA
TranslateMessage
GetWindowLongA
SetDlgItemTextA
IsWindow
CreateDialogParamA
SendDlgItemMessageA
SetWindowTextA
LoadStringA
EnableWindow
ShowWindow

kernel32

GetSystemDirectoryA
HeapFree
lstrcatA
DisableThreadLibraryCalls
lstrcpynA
InterlockedIncrement
CreateThread
FreeLibrary
lstrcmpA
GetModuleHandleA
GetDiskFreeSpaceA
CreateFileA
LocalAlloc
CreateEventA
GetProcessHeap
InitializeCriticalSection
HeapReAlloc
GetProcAddress
HeapSize
lstrlenA
HeapAlloc
LoadLibraryA
CloseHandle
LocalFree
InterlockedDecrement
SetEvent
VirtualAlloc
GetModuleFileNameA
lstrcmpiA
GetWindowsDirectoryA
lstrcpyA
GetTickCount

ntdll

NtAddAtom

advpack

RegInstall

gdi32

CreateCompatibleDC
RestoreDC
DeleteDC
CreateSolidBrush
SetGraphicsMode
BitBlt
SetBkColor
GetTextMetricsA
DPtoLP
SetViewportOrgEx
SelectObject
SetWindowOrgEx
SaveDC
DeleteObject
GetObjectA
ModifyWorldTransform
GetDeviceCaps
ExtTextOutA
SetTextColor
CreateFontIndirectA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

Sections

.textbss
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f6767c80f54a1bbc6429294d0cda1cf

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

atl

version

user32

kernel32

ntdll

advpack

gdi32

ole32

Sections

.textbss Size: - Virtual size: 1.2MB

.text Size: 512B - Virtual size: 428B

.idata Size: 79KB - Virtual size: 79KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 1024B - Virtual size: 816B

.textbss
Size: - Virtual size: 1.2MB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 79KB - Virtual size: 79KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 816B