4b6dc2cac6ba859b3271cceb91367f91

Sharing

Copy URL Twitter E-mail

General

Target

4b6dc2cac6ba859b3271cceb91367f91
Size

209KB
MD5

4b6dc2cac6ba859b3271cceb91367f91
SHA1

fcc6f2e7f583d987a128ce57aaf285718faf279c
SHA256

3c8acfd9f8874909f536672a6958678bcf2e2ca7894761988cc072c575697af8
SHA512

7a1ee9ede4c69b2a2424d4fb856870d52b61402c62433a47f8c8c5cde49c965f071449e89b2e22e37f83273c963890c969349a848c91f7f03425b00eef94264e
SSDEEP

6144:A7mZr6JcflTBEHXScKG9gltFzMclyCKVnA2Agt:16JcmXSc59gHFzMccCJ2f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b6dc2cac6ba859b3271cceb91367f91

Files

4b6dc2cac6ba859b3271cceb91367f91
.exe windows:4 windows x86 arch:x86

fbe25cf7c8a4d1a9e5b25d10aeeac82d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
GetWindowTextLengthA
IsDialogMessageA
SetWindowTextA
AnyPopup
GetWindowRect
SetDlgItemTextA
GetMessageTime
PostThreadMessageA
GetQueueStatus
GetWindowTextA

ole32

CoResumeClassObjects
OleIsCurrentClipboard
StringFromGUID2
CoInstall
CoRegisterClassObject
GetRunningObjectTable

oledlg

ord10
ord5
ord8
ord12
ord2
ord3
ord11
ord4
ord7

comctl32

UninitializeFlatSB
InitCommonControlsEx
CreateToolbarEx

advapi32

RegQueryInfoKeyA
RegSetValueA
RegQueryValueExA

shlwapi

StrChrW
StrChrIW

kernel32

HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetLastError
TlsGetValue
SetLastError
LoadLibraryA
MultiByteToWideChar
LCMapStringW
LCMapStringA
GetStringTypeA
GetStringTypeW
WriteFile
GetCommandLineA
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetProfileIntA
WritePrivateProfileStringA
GetModuleHandleA
GetProcAddress
ExitProcess
GetStartupInfoA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zdiq
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ylkqk
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbe25cf7c8a4d1a9e5b25d10aeeac82d

Headers

File Characteristics

Imports

user32

ole32

oledlg

comctl32

advapi32

shlwapi

kernel32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 90KB

zdiq Size: 267KB - Virtual size: 267KB

ylkqk Size: 126KB - Virtual size: 126KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 90KB

zdiq
Size: 267KB - Virtual size: 267KB

ylkqk
Size: 126KB - Virtual size: 126KB

.rsrc
Size: 5KB - Virtual size: 5KB