4ab1d59940a6382bc14b610e5901c2e1

Sharing

Copy URL

Twitter E-mail

General

Target

4ab1d59940a6382bc14b610e5901c2e1
Size

568KB
MD5

4ab1d59940a6382bc14b610e5901c2e1
SHA1

c239479271377e48f39ed095a7133c19d93bc5ed
SHA256

dde2df9e348f6df075493bffde94abf82f8d05a14cc3476487a9081947bfeb6c
SHA512

aaceba07d2a7b73b5ad8603a084daa968a0fd10cdb37e09f764af08e3f88336807ecffc1f486a75ef6f112efbd250af9b3ce39ec2a29db4bb00e8f6483785835
SSDEEP

12288:+R3R9oin/wq4W+YPPIDueVDXEh1lKkVHWo:+VqAPAaeVbEBKkQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ab1d59940a6382bc14b610e5901c2e1

Files

4ab1d59940a6382bc14b610e5901c2e1
.exe windows:4 windows x86 arch:x86

295fe2cb6768b040868d0aea28e1350d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
SetLastError
VirtualAlloc
GetVersion
GetTickCount
CloseHandle
SetEndOfFile
WriteConsoleW
Sleep
InterlockedDecrement
FindClose
VirtualQuery
LoadResource
GetEnvironmentVariableA
WriteConsoleA
CreateEventW
CreateProcessA
LocalFree
FreeLibrary
GetModuleHandleW
GetACP
FindFirstFileW
GetSystemTimeAsFileTime
ResetEvent
WriteFile
CreateFileA
InterlockedExchange
GetFileAttributesA
SetFilePointer
GetStringTypeA
MapViewOfFile
WideCharToMultiByte
CompareStringW
TlsFree
lstrcpyA
GetProcAddress
IsDebuggerPresent
GetStartupInfoW
MultiByteToWideChar
GetCPInfo
DuplicateHandle
DeleteFileA
FreeEnvironmentStringsW
LocalAlloc
GetLocaleInfoA
GetCurrentProcess
DeleteCriticalSection
GetFileAttributesW
GetVersionExA
RemoveDirectoryA
ExitProcess
HeapDestroy
GetOEMCP
WaitForSingleObject
LoadLibraryW
LoadLibraryA
LCMapStringW
EnterCriticalSection
GetStdHandle
HeapFree
HeapAlloc
GetProcessHeap
lstrlenA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
GetLastError
HeapCreate
VirtualFree
RtlUnwind
InterlockedIncrement
InitializeCriticalSection
HeapReAlloc
GetStringTypeW
LCMapStringA

user32

SetCursor
GetClientRect
InvalidateRect
ScreenToClient
IsWindowVisible
GetDC
PostMessageA
ShowWindow
PostQuitMessage

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

cqaqmo
Size: 468KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ogwgagy
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ykkqgai
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

295fe2cb6768b040868d0aea28e1350d

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 27KB

cqaqmo Size: 468KB - Virtual size: 464KB

ogwgagy Size: 24KB - Virtual size: 24KB

ykkqgai Size: 44KB - Virtual size: 40KB

.text
Size: 28KB - Virtual size: 27KB

cqaqmo
Size: 468KB - Virtual size: 464KB

ogwgagy
Size: 24KB - Virtual size: 24KB

ykkqgai
Size: 44KB - Virtual size: 40KB