4a44f48b8564ebbc2a4383590507866f

General

Target

4a44f48b8564ebbc2a4383590507866f
Size

161KB
MD5

4a44f48b8564ebbc2a4383590507866f
SHA1

1d724aeff90093b3d60eadec9b15d7a66775a7a6
SHA256

bc6dde9f8bae09c65e9928c4bacda672cf8e5f97631f30c91eb0cf6522818574
SHA512

ce8b46010690c55e12266f540cb1745e0e13674bdb0604f62c961bbd5ad31b67b8583acecd5bb101963717186f1685f8a0722cdfab31476b3a49b68281396eb1
SSDEEP

1536:MnhlZaFmUUDMY9qVzYh1na3TcbhZjWFsxGisAWaEgdwIbGJ:M0FmUUQ/zsa3TcbhVEsxlsjbgdwIS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a44f48b8564ebbc2a4383590507866f

Files

4a44f48b8564ebbc2a4383590507866f
.exe windows:1 windows x86 arch:x86

25624b0a433c7e325241a52bdfdbd97a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegCreateKeyExA
CloseServiceHandle
RegQueryValueExW
RegCloseKey
GetLengthSid
InitializeAcl
RegCloseKey
AddAccessAllowedAce
RegQueryValueExA
RegDeleteKeyW
GetTokenInformation
GetLengthSid
RegCloseKey
OpenThreadToken
OpenThreadToken
RegOpenKeyW
GetLengthSid
RegEnumValueW
SetSecurityDescriptorDacl
RegSetValueExA
RegCreateKeyExA
InitializeSecurityDescriptor
RegCreateKeyExW
RegDeleteKeyW

user32

SetTimer
CreateWindowExW
GetWindowLongW
BeginPaint
GetSystemMetrics
SetTimer
SetCapture
LoadAcceleratorsW
PostQuitMessage
GetSystemMenu
GetSystemMetrics
GetFocus
DestroyIcon

kernel32

GetLastError
GetVersionExA
VirtualFree
GetTickCount
FormatMessageW
CreateThread
VirtualFree
GetModuleFileNameA
lstrcpyW
HeapDestroy
SetLastError
HeapAlloc
FormatMessageW
GetStartupInfoW
SetUnhandledExceptionFilter

Sections

Size: 148KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

25624b0a433c7e325241a52bdfdbd97a

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

Size: 148KB - Virtual size: 160KB

Size: 1024B - Virtual size: 4KB

Size: 1KB - Virtual size: 4KB

�vmp0 Size: 6KB - Virtual size: 5KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�vmp0
Size: 6KB - Virtual size: 5KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB