46f048d69060b40f7779f4ed49bdc0ce

Sharing

Copy URL Twitter E-mail

General

Target

46f048d69060b40f7779f4ed49bdc0ce
Size

225KB
MD5

46f048d69060b40f7779f4ed49bdc0ce
SHA1

8efa6cef4fca0799631ada489bc36c859fc4c3eb
SHA256

c26cf786e74e852595238824648c82835c97359da63ba311c077515e3bd1db6d
SHA512

1852b54cd2d77d99e4fd18bc67783cc0e4a1975f48a2ac48953121c9f599a6b3ca1041cbb2c233cc6531946a7b846b9584f2055ce4a22017e7e718a6c0508cc5
SSDEEP

6144:mbPj5qQg/oI5uuqQZ/XlANirgOqRdMmNr2aE+3:m7gQg/o8LZXONXVQv+3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46f048d69060b40f7779f4ed49bdc0ce

Files

46f048d69060b40f7779f4ed49bdc0ce
.exe windows:4 windows x86 arch:x86

2605283188c1ed82621d0ced3998b2df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowLongA
GetParent
UnionRect
SendNotifyMessageW
RegisterClassW
ChangeDisplaySettingsW
CheckRadioButton
OpenWindowStationA

comdlg32

LoadAlterBitmap
ChooseFontA
FindTextW
GetSaveFileNameA
FindTextA
PrintDlgA
ChooseColorA
ChooseColorW
GetFileTitleW
PrintDlgW
ReplaceTextA
PageSetupDlgA
GetOpenFileNameA
GetOpenFileNameW
GetFileTitleA

advapi32

RegSetValueExW
CryptHashSessionKey
LookupPrivilegeValueA
LogonUserA
RegCreateKeyW
CryptReleaseContext
CryptGenKey
StartServiceW
CryptDecrypt
RegSetValueA
CryptImportKey
LookupPrivilegeNameA
RegCloseKey
CryptGenRandom
LookupPrivilegeDisplayNameW
RegOpenKeyExA
LookupAccountSidA
LookupSecurityDescriptorPartsA
RegDeleteValueA
CryptContextAddRef
RegReplaceKeyW
CryptSetKeyParam
RegRestoreKeyW
RegDeleteValueW
InitializeSecurityDescriptor

gdi32

StartDocA
StartDocW
SetViewportOrgEx
AbortDoc
UpdateICMRegKeyW
StretchDIBits
PaintRgn
GetKerningPairs
ArcTo
GdiSetBatchLimit
PolyTextOutA
StartPage
Escape
GetTextExtentPointW
GetPixel
AddFontResourceW
GetTextExtentPoint32W
Rectangle
GetRasterizerCaps
UpdateColors
CreateBitmap
DeleteMetaFile
GetTextExtentPointA
CreateFontW
CreateDiscardableBitmap

kernel32

GetSystemTimeAdjustment
ExitProcess
HeapReAlloc
RtlUnwind
GetCurrentProcessId
QueryPerformanceCounter
HeapFree
InterlockedExchange
LoadLibraryA
WriteFile
GetConsoleTitleA
VirtualQuery
CloseHandle
GetProcAddress
HeapAlloc
GetCurrentThreadId
SetCurrentDirectoryW
TerminateProcess
VirtualAlloc
GetTickCount
GetModuleFileNameA
GetCurrentProcess
GetSystemTimeAsFileTime
GetModuleHandleA

wininet

InternetHangUp
FindFirstUrlCacheEntryExW
InternetCrackUrlW
InternetReadFile
GopherGetAttributeW
UnlockUrlCacheEntryStream

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2605283188c1ed82621d0ced3998b2df

Headers

File Characteristics

Imports

user32

comdlg32

advapi32

gdi32

kernel32

wininet

Sections

.text Size: 108KB - Virtual size: 107KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 108KB - Virtual size: 107KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 12KB - Virtual size: 12KB