4d4e3fd7316557cf6e654edcf7e251e9

Sharing

Copy URL Twitter E-mail

General

Target

4d4e3fd7316557cf6e654edcf7e251e9
Size

158KB
MD5

4d4e3fd7316557cf6e654edcf7e251e9
SHA1

575d0b283c8d36dce56f341f1ac41f47b0b6c02b
SHA256

7dd1b0a3358954822854c2d6a38a446ad8ceb5e07a74f2c68aad7cd8cec18790
SHA512

e579bfb7dc55faba56e053a159a0a46d613835fa2b436fdf691dacdc3f2ce59f4786022018b2e5179ab2b2a5acd603784b02dc7c2b503c03e095be993fe0a9c3
SSDEEP

3072:A4tr0KTOHv1DegJAHdkMu4m3WEfRZtDpnU0jp3x8Tv57IkSU4/w6q:ACI6qv1DxydG4m3LU038j57ts46

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d4e3fd7316557cf6e654edcf7e251e9

Files

4d4e3fd7316557cf6e654edcf7e251e9
.exe windows:4 windows x86 arch:x86

d5bf7a6ec98770c4a08470296fea0431

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetModuleHandleW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
VirtualAlloc
HeapFree
HeapAlloc
Sleep
ExitProcess
LocalAlloc
InitializeCriticalSection
LocalFree
GetStringTypeW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

user32

GetWindowLongA
GetDesktopWindow
PostMessageW
BeginPaint
InvalidateRect
CopyAcceleratorTableW
DrawIconEx
GetIconInfo
SetDlgItemTextW
DrawEdge
GetKeyNameTextA
GetWindowTextA
GetWindowTextLengthA
RegisterClassExA
GetClassInfoExA
AppendMenuA
CallWindowProcA
GetMessageA
GetWindowThreadProcessId
TrackPopupMenu
GetCursorPos
AppendMenuW
CreatePopupMenu
DrawFrameControl
FillRect
GetSysColorBrush
GetActiveWindow
DefWindowProcA
DispatchMessageA
CreateDialogIndirectParamA
DialogBoxIndirectParamA
ValidateRect

advapi32

RegOpenKeyExA
OpenSCManagerA
RegQueryValueExA
OpenServiceA
OpenThreadToken
QueryServiceStatus
RegCloseKey

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CoRegisterSurrogate
CoRevokeClassObject

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5bf7a6ec98770c4a08470296fea0431

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 64KB - Virtual size: 446KB

.xdata Size: 1024B - Virtual size: 740B

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 988B

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 64KB - Virtual size: 446KB

.xdata
Size: 1024B - Virtual size: 740B

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 988B