4d9fb7447dac89f00344ba32827ebc54

General

Target

4d9fb7447dac89f00344ba32827ebc54
Size

206KB
MD5

4d9fb7447dac89f00344ba32827ebc54
SHA1

5dee1fda9dc7364625be967837f93194359a2815
SHA256

e473c9feefadfabfbcf717d97f93f1220552f430b6df187f1f7acf2f0c8b6e79
SHA512

0b08b6debca89dc45b48aabedc273c9cf2a8ac1fd4ffaae2937879cc67b276701efa07f458162953b811263eb59a82d954a406e4ec956b3019513f2962c0b990
SSDEEP

6144:o7I86o8lXj0ghEejgcoZOok9by56LCPM:KYo8lXj0ghEejgcokok9bg6LI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d9fb7447dac89f00344ba32827ebc54

Files

4d9fb7447dac89f00344ba32827ebc54
.exe windows:4 windows x86 arch:x86

a733c0bb5832c7347e501dbd0657d63e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

RpcBindingFromStringBindingA
NdrClientCall
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcStringFreeA

user32

RealGetWindowClass
EmptyClipboard
UnhookWindowsHookEx
DefWindowProcW
ClipCursor
CallNextHookEx
IsClipboardFormatAvailable
SetScrollRange
SetWindowPos
SetClipboardData
DestroyCursor
RegisterClassW
GetSysColorBrush
ToAscii
WinHelpW
ChildWindowFromPoint
SetWindowsHookExW
DestroyIcon
DrawEdge
GetSysColor

kernel32

GetProfileStringW
CreateFiber
LocalAlloc
GetVolumeInformationW
SearchPathW
FileTimeToLocalFileTime
GetFileTime
GetFileType
TerminateProcess
IsDBCSLeadByte
EnumResourceNamesA
VerLanguageNameW
GetSystemTime
FindResourceExA
SetEndOfFile
GetVersionExW
FlushFileBuffers
GetFileAttributesA
FlushFileBuffers
GetUserDefaultLangID
FileTimeToSystemTime
UnlockFile
CompareStringW
LockFile
GetSystemDirectoryW

comdlg32

GetFileTitleA

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a733c0bb5832c7347e501dbd0657d63e

Headers

File Characteristics

Imports

rpcrt4

user32

kernel32

comdlg32

Sections

.text Size: 188KB - Virtual size: 188KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 13KB

.tls Size: 512B - Virtual size: 348KB

.text
Size: 188KB - Virtual size: 188KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 13KB

.tls
Size: 512B - Virtual size: 348KB