490b7a4e8439d265179a2f2eebb47e22

Sharing

Copy URL Twitter E-mail

General

Target

490b7a4e8439d265179a2f2eebb47e22
Size

2.1MB
MD5

490b7a4e8439d265179a2f2eebb47e22
SHA1

e96c5f3709065a5698a789b0af1e016dfa07b46f
SHA256

16869e91ce9c486d67b8436e08e5516e107fe7231b5359e048e06b7ada5c801c
SHA512

36415fd73c3b8b475d00ec1a6b9cc6a0429ea460f28410a3007862d3915c1f29432ad34fea64ffe5684c8d8048f6a2c7bae78aadab3ec4422cd46c090d52b152
SSDEEP

24576:a+9FMZ6uvfNPED3TukQFScnHSyU2RSDru8iSIJrpE4V9X+vgjJtCA3zUjIn:adpNa5SyyVYxiRrpE4VcvwJ73

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
490b7a4e8439d265179a2f2eebb47e22

Files

490b7a4e8439d265179a2f2eebb47e22
.exe windows:4 windows x86 arch:x86

bf9007abd0d4635fe982aa9d3b875d71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetForegroundWindow
InvalidateRect
ShowWindow
ClientToScreen
IsWindow
GetDlgItem
SetWindowTextW
SetTimer
GetDC
GetWindowRect
EndPaint
MessageBoxA
DestroyWindow
GetCursorPos
PostQuitMessage
EnableMenuItem
ReleaseDC
EndDialog
GetSystemMetrics
SetCursor
LoadStringW
SetWindowLongW
MessageBoxW
SetWindowPos
GetWindow
TranslateMessage
GetClientRect
EnableWindow

ole32

CoTaskMemRealloc
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoTaskMemFree
OleInitialize

oleaut32

VariantCopyInd
RegisterTypeLi
SysStringLen
SysAllocStringLen
SafeArrayCreate
SafeArrayPutElement
VariantChangeTypeEx
LoadTypeLi
GetActiveObject

msvcrt

_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
__p__commode
_XcptFilter
_exit

kernel32

IsDebuggerPresent
GetCurrentProcess
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
QueryPerformanceCounter
GetTickCount
GetStartupInfoA
WriteFile
GetSystemTimeAsFileTime
LoadLibraryA
SetLastError
TerminateProcess
UnhandledExceptionFilter
InterlockedDecrement
LeaveCriticalSection
VirtualFree
GetModuleFileNameA
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
EnterCriticalSection
GetLastError
GetCurrentThreadId
InterlockedExchange
WideCharToMultiByte
FreeLibrary
VirtualAlloc
GetCurrentProcessId

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf9007abd0d4635fe982aa9d3b875d71

Headers

File Characteristics

Imports

user32

ole32

oleaut32

msvcrt

kernel32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 8KB - Virtual size: 7KB