Static task: static1
Behavioral task: behavioral1
  Sample: 4cf3d90f0cc15ef7005701c59bf8a21d.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 4cf3d90f0cc15ef7005701c59bf8a21d.exe
  Resource: win10v2004-20231222-en
General
Target: 4cf3d90f0cc15ef7005701c59bf8a21d
Size: 141KB
MD5: 4cf3d90f0cc15ef7005701c59bf8a21d
SHA1: 69554d6714f939f5dfcaa6e82f31c4af1cf7b748
SHA256: f0263faeb0edbad7ec3340b9b069d1793f36173c8d4fb080a0ad1838029258a4
SHA512: 329a42206fbac45bf1da2450827e1a62c1788fd52eeb1c802a440d8084ccaa32d1a89f875fbe24cd274d3fd433e04d10b760914f88f33d9a4b65011ab6e0067e
SSDEEP: 3072:PhdpmhosHCD3OD5zfUh0hxcR58SvcffyBRcgT5dV:VcmD3Oyx8GcffyBZ5P
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4cf3d90f0cc15ef7005701c59bf8a21d
Files
4cf3d90f0cc15ef7005701c59bf8a21d.exe windows:5 windows x86 arch:x86
cf4b830122a282c4c8511e401c428396
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetUserDefaultLCID
IsBadReadPtr
GetFileAttributesW
GlobalAlloc
GetSystemDirectoryW
DeleteFileA
GetEnvironmentVariableA
SetHandleCount
VirtualProtect
GlobalFree
WritePrivateProfileStringA
GetStartupInfoA
FlushFileBuffers
msvcrt
_initterm
log
vsprintf
_read
__setusermatherr
__p__fmode
_get_osfhandle
__p__commode
_XcptFilter
putchar
_c_exit
_acmdln
__set_app_type
__badioinfo
_controlfp
__getmainargs
_isatty
exit
_adjust_fdiv
_except_handler3
user32
GetDCEx
CharNextA
InsertMenuA
DrawEdge
RedrawWindow
EndDialog
DrawTextA
GetMenuState
CreatePopupMenu
InflateRect
WindowFromPoint
GetCursorPos
GetKeyState
version
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW
VerLanguageNameA
gdi32
Pie
CreateHatchBrush
CreateBitmap
PtInRegion
GetObjectW
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateICA
shell32
SHCreateDirectoryExA
DragFinish
DragQueryFileA
Shell_NotifyIconW
SHGetFolderPathW
SHFileOperationA
SHGetDiskFreeSpaceExW
DragAcceptFiles
DragQueryFileW
SHFileOperationW
ShellExecuteW
SHAppBarMessage
SHGetFolderPathA
advapi32
CryptDestroyHash
RegQueryValueExW
OpenServiceA
EqualSid
InitializeAcl
CryptGenRandom
comctl32
ImageList_Remove
ImageList_SetDragCursorImage
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_Replace
ImageList_SetImageCount
ImageList_LoadImageA
ImageList_GetIcon
ole32
StgOpenStorage
CoGetClassObject
CoTaskMemAlloc
OleRun
ProgIDFromCLSID
CoUninitialize
oleaut32
VariantInit
SafeArrayGetElement
VariantCopy
GetActiveObject
SysFreeString
SafeArrayUnaccessData
SafeArrayGetUBound
SysAllocStringByteLen
SafeArrayPutElement
Sections
.text Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ