48a894dc0c6ac8ef7ab360ef6e4387db

Sharing

Copy URL Twitter E-mail

General

Target

48a894dc0c6ac8ef7ab360ef6e4387db
Size

148KB
MD5

48a894dc0c6ac8ef7ab360ef6e4387db
SHA1

0c0657db135881f106e2efe48313cc41c4d8c7bd
SHA256

eb0fb0b84cf6e31368e2681436538e98cf1c1d44dba31038883cc1ee21186dd1
SHA512

e38af5dce44c434b943372acf137b6e1a2b59c24ee3b878ba6f8857fb2186230b13f22f06b7f0feccd1610361d858094871db2d5cc6e8f2e91f2879828db7209
SSDEEP

3072:Vi2C/yfC6WJVHO9pUAEZaL6j6WrvrysnZVhuHFGsOs9j:VBC/yfBCVujUHZaLxevrywYYsO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48a894dc0c6ac8ef7ab360ef6e4387db

Files

48a894dc0c6ac8ef7ab360ef6e4387db
.exe windows:4 windows x86 arch:x86

6956aebddb4b81881c4fe269b7ec7fcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
CreateDirectoryA
CreateEventA
CreateFileW
CreateProcessA
CreateProcessW
DeleteFileA
DuplicateHandle
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FreeLibrary
GetCommandLineW
GetCurrentProcessId
GetDateFormatA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileAttributesW
GetFileSize
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTime
GetTempFileNameA
GetTempPathW
GetVersionExW
GetWindowsDirectoryA
GlobalAlloc
GlobalFindAtomA
GlobalHandle
HeapReAlloc
InitializeCriticalSection
InterlockedIncrement
IsDBCSLeadByte
IsDebuggerPresent
LCMapStringW
LoadLibraryA
LoadLibraryExA
LoadLibraryW
LocalFree
MoveFileA
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RemoveDirectoryA
SetCurrentDirectoryA
SetEndOfFile
SetEvent
SetFileAttributesW
SetFilePointer
SetHandleCount
SetLastError
TlsAlloc
TlsFree
UnmapViewOfFile
VirtualAlloc
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
lstrcmpiA
lstrcmpiW
lstrcpynA
lstrlenA
lstrlenW

user32

BeginPaint
CallWindowProcA
CharNextA
ClientToScreen
CloseClipboard
DestroyCursor
DrawEdge
DrawFrameControl
DrawMenuBar
GetCapture
GetClientRect
GetDC
GetForegroundWindow
GetKeyboardType
GetMenuStringA
GetMessageA
GetScrollInfo
GetSysColor
GetSystemMetrics
GetTopWindow
GetWindowLongA
GetWindowRect
IsChild
IsIconic
IsWindow
IsWindowEnabled
LoadCursorA
MapWindowPoints
MessageBeep
MessageBoxA
OpenClipboard
PostMessageA
ReleaseDC
RemovePropA
ScreenToClient
ScrollWindow
SetCapture
SetClassLongA
SetClipboardData
SetForegroundWindow
SetMenu
SetScrollInfo
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
ShowOwnedPopups
ShowWindow
TrackPopupMenu
UnregisterClassA
WaitMessage
WinHelpA
WindowFromPoint

gdi32

AbortDoc
AddFontResourceA
Arc
ArcTo
BitBlt
Chord
CopyMetaFileA
CopyMetaFileW
CreateCompatibleBitmap
CreateDCA
CreateFontIndirectA
CreateFontIndirectW
CreateRoundRectRgn
DeleteObject
EnumFontFamiliesExA
EnumFontFamiliesW
FillPath
GetBrushOrgEx
GetCharWidthW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetMapMode
GetObjectA
GetPixel
GetROP2
GetStretchBltMode
GetTextColor
GetTextExtentPointA
GetTextExtentPointW
GetTextFaceA
GetTextMetricsA
GetViewportOrgEx
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
InvertRgn
LPtoDP
OffsetClipRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
PlayEnhMetaFile
PolyBezierTo
PolyDraw
PtInRegion
RealizePalette
SelectPalette
SetBkMode
SetColorAdjustment
SetDIBitsToDevice
SetMetaFileBitsEx
SetPolyFillMode
SetROP2
SetRectRgn
SetTextAlign
SetTextColor
SetTextJustification
SetWinMetaFileBits
SetWindowExtEx
SetWorldTransform
TextOutA
UnrealizeObject

shell32

CommandLineToArgvW
DragQueryPoint
ExtractAssociatedIconW
ExtractIconA
ExtractIconW
SHAppBarMessage
SHBindToParent
SHCreateDirectoryExA
SHFileOperationW
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFolderPathW
SHGetMalloc
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteEx
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconA
Shell_NotifyIconW

comctl32

CreatePropertySheetPageW
CreateToolbarEx
DestroyPropertySheetPage
ImageList_BeginDrag
ImageList_Create
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_GetImageCount
ImageList_LoadImageW
ImageList_Read
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetImageCount
ImageList_SetOverlayImage
InitCommonControls
PropertySheetW

advapi32

AllocateAndInitializeSid
CheckTokenMembership
ConvertStringSecurityDescriptorToSecurityDescriptorW
CopySid
CryptCreateHash
CryptDestroyHash
CryptHashData
FreeSid
GetLengthSid
GetTokenInformation
GetUserNameA
InitializeAcl
InitializeSecurityDescriptor
InitiateSystemShutdownA
OpenProcessToken
OpenServiceA
OpenServiceW
QueryServiceStatus
RegCreateKeyExA
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyExA
RegEnumKeyW
RegEnumValueA
RegFlushKey
RegOpenKeyA
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RevertToSelf
SetSecurityDescriptorGroup

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6956aebddb4b81881c4fe269b7ec7fcb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

Sections

.text Size: 38KB - Virtual size: 37KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 86KB - Virtual size: 85KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 86KB - Virtual size: 85KB

.rsrc
Size: 16KB - Virtual size: 16KB