4d6112e9b244dd7c6833640ca1993694

Sharing

Copy URL Twitter E-mail

General

Target

4d6112e9b244dd7c6833640ca1993694
Size

270KB
MD5

4d6112e9b244dd7c6833640ca1993694
SHA1

b6e2712ed107ab305d37d500011bcfcdcf9719f6
SHA256

c1bd243dea1455506850a4a8f13e162fb166e392144eff35189e0ce58de362b4
SHA512

d28fecbf8d703e42d6824449aa65bfb7f27794e6d406ba4605bcfd38ee842b58deb7306e5e1bc237bf7b8529b9ebc413e835246267abc7736938418a8d08af8e
SSDEEP

6144:MGE1j1vhqDpX+xCm7mINn4DECDocysJkzwol70N24ev1C+hB:MGE7QDYxCmRKPxkPttbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d6112e9b244dd7c6833640ca1993694

Files

4d6112e9b244dd7c6833640ca1993694
.exe windows:4 windows x86 arch:x86

120c7f23c5c090590d65e6a1e35b010b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateEnhMetaFileA
SetColorSpace
CreateDCA

wininet

InternetSetDialState
InternetQueryOptionW
ShowX509EncodedCertificate
InternetConnectW
DeleteIE3Cache
InternetDialW
RetrieveUrlCacheEntryStreamW
InternetCanonicalizeUrlA

user32

LoadImageA
GetKeyNameTextW
LoadMenuA
GetWindow
FillRect
GrayStringW
SetWindowTextW
EnumPropsExA
CreateDialogIndirectParamA
ActivateKeyboardLayout
VkKeyScanExA
OpenInputDesktop

comdlg32

GetSaveFileNameW
PrintDlgA
PrintDlgW
GetFileTitleA
ChooseFontW
GetFileTitleW
LoadAlterBitmap
FindTextW

kernel32

SetConsoleCtrlHandler
FreeLibrary
TlsSetValue
GetOEMCP
GetLocaleInfoW
GetEnvironmentStrings
CompareStringW
GetUserDefaultLCID
FreeEnvironmentStringsW
InterlockedDecrement
GetCurrentProcess
HeapFree
LCMapStringA
CompareStringA
Sleep
GetLastError
SetLastError
TlsAlloc
SetUnhandledExceptionFilter
WriteFileEx
DeleteCriticalSection
GetCPInfo
GetStdHandle
FreeEnvironmentStringsA
EnumSystemLocalesA
TlsGetValue
GetLocaleInfoA
SetEnvironmentVariableA
UnhandledExceptionFilter
IsValidLocale
GetStringTypeW
RtlUnwind
GetProcAddress
GetCurrentProcessId
GetEnvironmentStringsW
InterlockedIncrement
InterlockedExchange
GetVersionExA
HeapSize
GetTimeFormatA
GetCurrentThread
WriteFile
GetStringTypeA
GetFileType
GetStartupInfoA
GetProcessHeap
QueryPerformanceCounter
ExitProcess
HeapCreate
GetACP
IsValidCodePage
WideCharToMultiByte
EnterCriticalSection
VirtualQuery
LoadLibraryA
GetCurrentThreadId
VirtualAlloc
SetHandleCount
GetModuleHandleA
HeapDestroy
GetSystemTimeAsFileTime
GetTickCount
GetModuleFileNameA
GetTimeZoneInformation
InitializeCriticalSection
LeaveCriticalSection
HeapReAlloc
VirtualFree
TerminateProcess
HeapAlloc
TlsFree
GetDateFormatA
GetCommandLineA
IsDebuggerPresent
LCMapStringW
MultiByteToWideChar

shell32

DragQueryFileW
DoEnvironmentSubstW
ExtractAssociatedIconW
FindExecutableA
FreeIconList
SHBrowseForFolder
SHGetMalloc
ShellExecuteA

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

120c7f23c5c090590d65e6a1e35b010b

Headers

File Characteristics

Imports

gdi32

wininet

user32

comdlg32

kernel32

shell32

Sections

.text Size: 143KB - Virtual size: 143KB

.data Size: 113KB - Virtual size: 112KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 143KB - Virtual size: 143KB

.data
Size: 113KB - Virtual size: 112KB

.rsrc
Size: 13KB - Virtual size: 12KB