474974e434720bf4ea51a91f53b02d0f

Sharing

Copy URL Twitter E-mail

General

Target

474974e434720bf4ea51a91f53b02d0f
Size

54KB
MD5

474974e434720bf4ea51a91f53b02d0f
SHA1

665449592702ad868e5e551cb1347f1d11cd0a9e
SHA256

72978b1320d43a0c9848c8dcf4ed86a0240a07890649856d32b1f6b7daed3ddd
SHA512

11a9b370dc8a1b743bec734053b69f748591fa5ee07183336ae876fbc1a595085752bfe603fdf5190e85ff265f62cfd55c9c9a56183e98a73b30674c90eabaf0
SSDEEP

768:9IGsAO+7h09IasRMsYioS4PXxmX//YWhtmKppbzYD2O9JqQvYEEOR9zYcbO5A:qGWahoVsRMBPhmXrfmab8DBC1EEK5O5A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
474974e434720bf4ea51a91f53b02d0f

Files

474974e434720bf4ea51a91f53b02d0f
.exe windows:4 windows x86 arch:x86

95d9e1cc259d99276b7f88d8c238b0a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
SetErrorMode
LoadLibraryA
ExpandEnvironmentStringsA
DosDateTimeToFileTime
FreeLibrary
lstrcmpiW
lstrlenA
lstrlenW
GetLocalTime
GetExitCodeThread
GetLocaleInfoW
GetModuleHandleW
GetVersionExW
LoadLibraryW
OpenMutexW
GetFileAttributesW
GetExitCodeProcess
CreateEventW
WaitForSingleObject
GetModuleFileNameW
Sleep
CreateDirectoryW
GetTempPathW
GetLastError
RemoveDirectoryW
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
IsDebuggerPresent
CreateMutexW
GlobalAlloc
MultiByteToWideChar
GetModuleHandleA
GetProcAddress

user32

InvalidateRect
GetFocus
GetForegroundWindow
GetActiveWindow
IsWindow
DestroyIcon
LoadBitmapW
CopyRect
LoadImageW
LoadIconW
GetSystemMetrics
IsIconic
MessageBoxW
wsprintfW
PostMessageW
EnableWindow
SendMessageW

gdi32

CreateSolidBrush
CreatePen

advapi32

GetTokenInformation
LookupAccountSidW
DuplicateTokenEx
ImpersonateLoggedOnUser
SetThreadToken
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
GetUserNameW
RevertToSelf
OpenProcessToken

comctl32

ord17

oleaut32

VariantClear

shell32

ShellExecuteW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

softpub

OfficeCleanupPolicy
SoftpubDefCertInit
DllUnregisterServer

mmcshext

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.icode
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MC
Size: 1KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VMfPGA
Size: 1KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 7KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hC
Size: 2KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95d9e1cc259d99276b7f88d8c238b0a9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

oleaut32

shell32

version

softpub

mmcshext

Sections

.icode Size: 3KB - Virtual size: 2KB

.text Size: 18KB - Virtual size: 18KB

.MC Size: 1KB - Virtual size: 113KB

.rdata Size: 3KB - Virtual size: 14KB

.VMfPGA Size: 1KB - Virtual size: 59KB

.edata Size: 7KB - Virtual size: 99KB

.data Size: 8KB - Virtual size: 313KB

.edata Size: 9KB - Virtual size: 52KB

.hC Size: 2KB - Virtual size: 223KB

.rsrc Size: 2KB - Virtual size: 1KB

.icode
Size: 3KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.MC
Size: 1KB - Virtual size: 113KB

.rdata
Size: 3KB - Virtual size: 14KB

.VMfPGA
Size: 1KB - Virtual size: 59KB

.edata
Size: 7KB - Virtual size: 99KB

.data
Size: 8KB - Virtual size: 313KB

.edata
Size: 9KB - Virtual size: 52KB

.hC
Size: 2KB - Virtual size: 223KB

.rsrc
Size: 2KB - Virtual size: 1KB