49bb60fb3cafa4e908771104874e0b76

Sharing

Copy URL Twitter E-mail

General

Target

49bb60fb3cafa4e908771104874e0b76
Size

112KB
MD5

49bb60fb3cafa4e908771104874e0b76
SHA1

25f69d51a7ec61de2b53f3d8289960a102ed3b8d
SHA256

36a875d9425e5e41bd7bd521e17dc030a7cf9409b1cc27bf14a4f3207f2c0ce8
SHA512

1bd384b892b824dbce63dc924972b2fbe8138039599ae80f9d4e583afa5cf6bb586986b545db9ce3ba7e9a230a111f186d2bd969dd5dd18a17afc97d3eeec476
SSDEEP

3072:PGxwh1sSJ0bLQOr2uZzxMt86wBb9DMSzhlT:PG2vsS2lr2uy86i9DbzhlT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49bb60fb3cafa4e908771104874e0b76

Files

49bb60fb3cafa4e908771104874e0b76
.exe windows:5 windows x86 arch:x86

6ca383b1abf48b5ec5bbac6d4db224b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memmove
memset
__dllonexit
_except_handler3
__getmainargs
__set_app_type
_vsnprintf
_snprintf
strrchr
fwrite
calloc
__p__commode
__p___initenv
_controlfp
__setusermatherr
fputc
_adjust_fdiv
_write
free
strncpy
sqrt
__p__fmode
_XcptFilter
fprintf
_initterm
strlen
_exit

comdlg32

GetOpenFileNameA

kernel32

RaiseException
GetShortPathNameA
VirtualProtectEx
SetFilePointer
GetSystemDirectoryA
GetSystemTime
GlobalLock
FileTimeToLocalFileTime
FreeEnvironmentStringsA
GetSystemDirectoryW
OpenProcess
lstrcmpiW
FileTimeToDosDateTime
GetNumberFormatA
GetWindowsDirectoryA
InterlockedCompareExchange
LCMapStringA
TerminateProcess
VirtualQuery
VirtualAlloc

user32

TranslateMessage
SetClassLongA
RemoveMenu
GetCapture
IntersectRect
SetDlgItemTextA
SendMessageA
UnregisterClassA
IsChild
SetWindowPlacement
GetKeyState
GetLastActivePopup
DestroyWindow
SetPropA

comctl32

ImageList_AddMasked
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_EndDrag
InitCommonControls
ImageList_Replace
ImageList_Create
ImageList_Destroy
InitializeFlatSB
CreateStatusWindowA
ImageList_Write

ole32

OleIsCurrentClipboard
OleSetMenuDescriptor
OleFlushClipboard
CoDisconnectObject
OleDraw
CreateILockBytesOnHGlobal
StringFromCLSID
CoUninitialize
CoTaskMemFree

gdi32

SetBrushOrgEx
GetClipBox
MaskBlt
CreateCompatibleDC
GetTextExtentPointA
ExcludeClipRect
CopyMetaFileW
Rectangle
PolyDraw
StrokeAndFillPath
FillPath

advapi32

RegCreateKeyExW
RegCloseKey
RegOpenKeyW
RegEnumValueW
LookupPrivilegeValueA
RegSetValueExA
RegOpenKeyExA
AdjustTokenPrivileges
OpenSCManagerA
GetUserNameA
RegOpenKeyA
RegQueryValueA
RegSetValueExW
DeregisterEventSource
OpenSCManagerW
RegEnumValueA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ca383b1abf48b5ec5bbac6d4db224b7

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

comctl32

ole32

gdi32

advapi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 47KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 47KB

.rsrc
Size: 23KB - Virtual size: 22KB