4d1e030ae08d7415ba8daabd990e8856

Sharing

Copy URL Twitter E-mail

General

Target

4d1e030ae08d7415ba8daabd990e8856
Size

435KB
MD5

4d1e030ae08d7415ba8daabd990e8856
SHA1

4356a573f1513c250e98b3d457434c186a3fad41
SHA256

b9636a4d480d77fbcaeb4545990d4acf34976b0d3af2e4663de24c17af08dbc1
SHA512

1856ed2c88bb09ae6a2dbbe9b5002bcd2b53add1b662fc2cbe738dbcd05d44cec74914589ceecf485f2a21f0423731c21b15be3edfdcf444b711b273b6903ba5
SSDEEP

12288:o3zXQOApffkcxY3AQ9KXB1kAgz9u5tqTKstN:QNsTYQVfHwu5tqhz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d1e030ae08d7415ba8daabd990e8856

Files

4d1e030ae08d7415ba8daabd990e8856
.exe windows:4 windows x86 arch:x86

13d260064d1d89d8177851b7edc6a11e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CancelDC
GetPaletteEntries
GetRasterizerCaps
GetColorAdjustment

shell32

SHGetDataFromIDListA
ExtractIconEx
SHGetFileInfoW
RealShellExecuteW
ExtractIconW
ShellExecuteExW
FreeIconList
SHFileOperationA
SHFileOperationW

comdlg32

ChooseFontA
GetFileTitleA
GetSaveFileNameW
PageSetupDlgA
GetSaveFileNameA
ReplaceTextA
ReplaceTextW
ChooseColorA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
PrintDlgA
PrintDlgW

wininet

FindCloseUrlCache
InternetShowSecurityInfoByURLA
FtpPutFileA
FtpCommandA
InternetTimeToSystemTime
CreateUrlCacheGroup
InternetCrackUrlW
FindFirstUrlCacheContainerW
SetUrlCacheEntryGroupW
ShowClientAuthCerts
FtpPutFileW
DeleteUrlCacheContainerA
InternetGetConnectedStateExA
InternetCreateUrlA
InternetCrackUrlA
GopherOpenFileA
InternetGetConnectedStateEx
InternetFindNextFileA
UnlockUrlCacheEntryFile

kernel32

IsValidCodePage
TlsSetValue
TlsGetValue
VirtualAlloc
GetFileType
GetStringTypeA
HeapDestroy
EnumResourceLanguagesA
InterlockedExchange
GetEnvironmentStrings
GetUserDefaultLCID
SetHandleCount
LoadResource
GetModuleHandleA
CompareStringA
WideCharToMultiByte
GetTimeZoneInformation
SetEnvironmentVariableA
GetProcAddress
CompareStringW
GetStdHandle
lstrcpynA
lstrcatA
HeapReAlloc
LCMapStringW
GetVersionExA
WaitForSingleObjectEx
EnterCriticalSection
GetVolumeInformationA
HeapFree
GetSystemTimeAsFileTime
GetSystemInfo
GetTimeFormatA
VirtualProtect
GetACP
HeapCreate
IsBadWritePtr
LockFileEx
EnumTimeFormatsW
HeapSize
TlsAlloc
FileTimeToSystemTime
GetCPInfo
SetThreadAffinityMask
IsValidLocale
LeaveCriticalSection
GetCommandLineA
GetLocaleInfoW
LCMapStringA
GetLogicalDriveStringsA
GetCurrentProcessId
MultiByteToWideChar
LoadLibraryA
GetCurrentThread
LockFile
GetTickCount
QueryPerformanceCounter
TlsFree
FindFirstFileA
TerminateProcess
FoldStringA
SetLastError
DeleteCriticalSection
EnumDateFormatsA
GetCurrentThreadId
GetOEMCP
WriteFile
GetCurrentProcess
GetStartupInfoA
RtlUnwind
VirtualFree
HeapAlloc
GetShortPathNameA
lstrcmpi
EnumSystemLocalesA
GetDateFormatA
GetLastError
GetModuleFileNameA
GetLocaleInfoA
ExitProcess
GetEnvironmentStringsW
UnhandledExceptionFilter
GetWindowsDirectoryA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
FreeEnvironmentStringsW
InitializeCriticalSection
VirtualQuery

user32

VkKeyScanW
InvertRect
SetWindowsHookExW
AnyPopup
GetAsyncKeyState
DestroyCursor
EndMenu
CharNextA
SetMenuContextHelpId
KillTimer
SendMessageTimeoutA
DrawTextExA
DdeKeepStringHandle
SendInput
RemovePropW
PostMessageA
EnumClipboardFormats
DdeAccessData

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 307KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13d260064d1d89d8177851b7edc6a11e

Headers

File Characteristics

Imports

gdi32

shell32

comdlg32

wininet

kernel32

user32

Sections

.text Size: 116KB - Virtual size: 116KB

.data Size: 307KB - Virtual size: 306KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 116KB - Virtual size: 116KB

.data
Size: 307KB - Virtual size: 306KB

.rsrc
Size: 10KB - Virtual size: 10KB