4336e59b635c3bb443e7effa540ba168

Sharing

Copy URL

Twitter E-mail

General

Target

4336e59b635c3bb443e7effa540ba168
Size

416KB
MD5

4336e59b635c3bb443e7effa540ba168
SHA1

1ad225449082105015c3d87082f5dacbf5a66903
SHA256

bb17f09f0e21236dee49b227551fd9dfb13c617bb31b9061d712640a5e579573
SHA512

ec9eac3391b54d47c9e721bc4b8d72963633691298da323cafebcfc74476323c85f7cba3f6eb79b46f00474b0ed3521b46739f8b22680c073d63af11b25dff70
SSDEEP

6144:kpPXDaF2tdaeXfVgBmKOaMAQPrvGv9pviO81j1nIb7L8mxql+80oJFFnMyuogjF:kpP2u+BvGjvU9J83nIbH8mxS/Fnlu9j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4336e59b635c3bb443e7effa540ba168

Files

4336e59b635c3bb443e7effa540ba168
.exe windows:4 windows x86 arch:x86

a32fc7b1a21ef7c3ab9d8c245fadebff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitNamedPipeA
GetStringTypeW
GetFileAttributesW
TlsSetValue
GetFileType
GetSystemDefaultLCID
HeapAlloc
LoadLibraryA
IsBadReadPtr
TlsGetValue
EnumResourceNamesA
GetConsoleOutputCP
ExpandEnvironmentStringsA
GetConsoleTitleA
InterlockedExchange
SetLastError
WritePrivateProfileSectionW
GetStartupInfoA
GetStdHandle
GetLocaleInfoW
GetACP
FreeEnvironmentStringsA
GetStringTypeA
FreeEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
GetEnvironmentStrings
GetOEMCP
GetProcAddress
CreateFileW
GetLastError
HeapFree
LockFileEx
EnterCriticalSection
EnumCalendarInfoExA
InitializeCriticalSection
VirtualQuery
TlsFree
IsBadWritePtr
VirtualFree
FillConsoleOutputCharacterA
LCMapStringA
GetModuleFileNameW
GetEnvironmentStringsW
HeapReAlloc
TlsAlloc
ExitProcess
WriteConsoleInputW
SetConsoleOutputCP
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
MultiByteToWideChar
GetModuleHandleA
GetCommandLineA
LCMapStringW
LeaveCriticalSection
GetCurrentThreadId
WriteFile
GetVersion
DeleteCriticalSection
GetCurrentThread
GetCurrentProcessId
GetModuleFileNameA
SetHandleCount
CopyFileExA
CreateDirectoryExA
GetTickCount
HeapCreate
VirtualQueryEx
GetCPInfo
GetSystemTimeAsFileTime
UnhandledExceptionFilter
RtlUnwind

comdlg32

FindTextA
GetFileTitleW
ReplaceTextA
ChooseFontA
GetOpenFileNameA
PageSetupDlgW
LoadAlterBitmap
ChooseColorW
GetFileTitleA
GetOpenFileNameW
PrintDlgA
PrintDlgW
FindTextW
GetSaveFileNameW
ChooseFontW
PageSetupDlgA

user32

RegisterClassExA
EnumDisplaySettingsW
SetWindowsHookA
CheckMenuRadioItem
MessageBoxExA
SetParent
CreateCaret
GetPropW
GetProcessDefaultLayout
GetScrollPos
CopyRect
DdeGetLastError
CreateAcceleratorTableA
SendMessageW

advapi32

LookupPrivilegeValueA
LookupSecurityDescriptorPartsA
CryptGetDefaultProviderW
LookupSecurityDescriptorPartsW
RegEnumValueW
CryptDestroyHash
RegConnectRegistryA
CryptImportKey
CryptAcquireContextW
InitiateSystemShutdownW
RegOpenKeyExA

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a32fc7b1a21ef7c3ab9d8c245fadebff

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

advapi32

Sections

.text Size: 105KB - Virtual size: 105KB

.data Size: 304KB - Virtual size: 303KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 105KB - Virtual size: 105KB

.data
Size: 304KB - Virtual size: 303KB

.rsrc
Size: 6KB - Virtual size: 5KB