4c2dcf66344707b06a8c16df376b035f

Sharing

Copy URL Twitter E-mail

General

Target

4c2dcf66344707b06a8c16df376b035f
Size

520KB
MD5

4c2dcf66344707b06a8c16df376b035f
SHA1

5dd1fc58ad44383cb524c61141312f42b8b6d4f6
SHA256

e75d13e2f0c8b044925b1e17e3e5945fd590e70014d523fac50b63f24a1e61e6
SHA512

f0f1410fb361cbc68319cf36688f0cd87601e7b6b830045e82191f94a0d3a7c2e2ee20f249a4a728c16162666e86cfd45c2b85554249dc9f0197f4549082ea0d
SSDEEP

12288:cvnEQyOC1urYw681lWmE+i8xrMYYaXSPMATyr5U:KHAm6w9EjorMRaCERre

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c2dcf66344707b06a8c16df376b035f

Files

4c2dcf66344707b06a8c16df376b035f
.exe windows:4 windows x86 arch:x86

07d795c1774260b9917cc087a425723a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
DeleteObject
SelectObject
GetStockObject
GetDeviceCaps
SetTextColor

kernel32

GlobalUnlock
GetCommandLineA
HeapDestroy
SetLastError
SetUnhandledExceptionFilter
SetEndOfFile
TlsSetValue
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TerminateProcess
SetEvent
LeaveCriticalSection
GetVersionExA
CreateProcessW
GetConsoleMode
IsDebuggerPresent
FlushFileBuffers
CloseHandle
GetStartupInfoA
QueryPerformanceCounter
InterlockedExchange
InterlockedDecrement
DuplicateHandle
GetStringTypeA
GetSystemTimeAsFileTime
Sleep
FreeEnvironmentStringsA
ReleaseMutex
GetProcAddress
LoadResource
LoadLibraryW
LoadLibraryA
WriteFile
HeapCreate
HeapFree
HeapReAlloc
LockResource
GetStdHandle
HeapAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCurrentThread
TlsFree
GetModuleFileNameW
WideCharToMultiByte
LCMapStringW
lstrlenA
GetLocaleInfoA
MultiByteToWideChar
lstrcmpiW
FormatMessageA
SetHandleCount
GetACP
ReadFile
SetFilePointer
GetFileType
UnhandledExceptionFilter
CreateFileA
CreateFileW
FindFirstFileW
GetModuleFileNameA
GetShortPathNameA
GetFileAttributesA
GetLastError
VirtualAlloc
ExitProcess
GetModuleHandleA
GetVersion
GetCurrentProcess
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
GetEnvironmentVariableA
VirtualFree
RtlUnwind
InterlockedIncrement
GetCPInfo
GetOEMCP
GetStringTypeW
LCMapStringA

user32

DispatchMessageA
RegisterClassA
CallWindowProcA
SetWindowPos
SetForegroundWindow
SetWindowLongA
EndDialog
DefWindowProcA
GetWindowRect
TranslateMessage
KillTimer
EndPaint

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 412KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07d795c1774260b9917cc087a425723a

Headers

File Characteristics

Imports

gdi32

kernel32

user32

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 412KB - Virtual size: 410KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 412KB - Virtual size: 410KB

.rsrc
Size: 4KB - Virtual size: 3KB