49f079852e73688cc7b9e42ef970feaf

Sharing

Copy URL Twitter E-mail

General

Target

49f079852e73688cc7b9e42ef970feaf
Size

136KB
MD5

49f079852e73688cc7b9e42ef970feaf
SHA1

74e263ac234a51a904e12da2cc8c1a55f2b494ef
SHA256

bb26210e9ce9d282a5416245be8076a44cf8282db325499393715a2cdef9081d
SHA512

37a3e85688d60b215205571b51165b53bcdb8d06e678bd33a7836142f48913ac94ee15a852ebc6b71278e079bdc34a3a51567eacdd1774da081b1fb9e2ccdf06
SSDEEP

1536:q+T9jhS5CiaYAj+gjbvj7e9NG6/z+5AT5LWiccbH3q7VoagHP:vXS5Cygj3j7ejlzQAT5iic8a7Voa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49f079852e73688cc7b9e42ef970feaf

Files

49f079852e73688cc7b9e42ef970feaf
.exe windows:4 windows x86 arch:x86

61fb539a144ab770226e6a182829d6c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueA
RegCreateKeyExA
RegOpenKeyW
RegEnumValueW
RegDeleteKeyA
RegEnumValueA
RegLoadKeyA
RegQueryValueW
RegReplaceKeyW
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegOpenKeyA
RegDeleteValueA
RegCreateKeyW
RegEnumKeyExA
RegReplaceKeyA
RegDeleteValueW
RegQueryValueA
RegQueryInfoKeyA
RegCreateKeyExW
RegCreateKeyExA
RegReplaceKeyW
RegOpenKeyExA
RegEnumValueW
RegEnumKeyA
RegLoadKeyA
RegFlushKey
RegGetKeySecurity
RegQueryValueW
RegEnumKeyExW
RegLoadKeyW
RegOpenKeyA
RegOpenKeyW
RegQueryValueExW
RegQueryInfoKeyW

gdi32

AbortPath
AddFontResourceW
CancelDC
AddFontResourceTracking
AddFontResourceExW
RestoreDC
GetDCOrgEx
GetPixel
CopyMetaFileA
AddFontResourceExA
DeleteObject
SetTextColor
CloseMetaFile
ClearBrushAttributes
ExcludeClipRect
GetPixel
ClearBitmapAttributes
GetClipBox
CloseFigure
AddFontMemResourceEx
GetCurrentPositionEx
DeleteDC
BeginPath
AddFontMemResourceEx
ClearBitmapAttributes
BitBlt
GetDCOrgEx
CloseFigure
AddFontResourceExW
GetPixel
AddFontResourceExA
GetPixel
AddFontResourceTracking
CancelDC
DeleteDC
ClearBrushAttributes
GetBitmapBits
GetCurrentPositionEx
BeginPath
SetTextColor
DeleteObject
ExtTextOutA
CopyMetaFileA

comctl32

ImageList_DragShowNolock
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_GetDragImage
ImageList_Replace
ImageList_GetImageRect
ImageList_DrawEx
ImageList_DragLeave
ImageList_Merge
ImageList_BeginDrag
ImageList_Copy
ImageList_LoadImage
ImageList_Remove
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_Read

user32

DrawTextW
CalcMenuBar
DialogBoxParamA
CopyImage
CopyRect
GetWindowTextA
GetDC
CopyIcon
EndDialog
IsWindow
IsMenu
InsertMenuA
GetWindowTextLengthA
GetCursor
GetDlgItem

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 238B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61fb539a144ab770226e6a182829d6c2

Headers

File Characteristics

Imports

advapi32

gdi32

comctl32

user32

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 5KB

.edata Size: 4KB - Virtual size: 1KB

.data Size: 76KB - Virtual size: 2.7MB

.tls Size: 4KB - Virtual size: 238B

.rdata Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 5KB

.edata
Size: 4KB - Virtual size: 1KB

.data
Size: 76KB - Virtual size: 2.7MB

.tls
Size: 4KB - Virtual size: 238B

.rdata
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 20KB - Virtual size: 20KB