4c64cac37d8de768b5ce2806dfee9ea5

Sharing

Copy URL Twitter E-mail

General

Target

4c64cac37d8de768b5ce2806dfee9ea5
Size

8.1MB
MD5

4c64cac37d8de768b5ce2806dfee9ea5
SHA1

9a480223db8baf16c6896c2dd6d24aca62f2bcf2
SHA256

72c343762e0f2cbe19e1d86698a3958377d6b1e73220b3e804af0f7ed15cc03f
SHA512

d28a8af5732b63ff2f41ca125e4b52b0ae21f747a0fbc77506954dd71b91f2e7027fa3acc05c29bfa2cc657b57f2a4e4ec8d5d9ad8ccc10184d11ea603bf7e03
SSDEEP

196608:mimSPgjnTkY+STpbVoSxFZq+VkF82YsdEMWc4trw:mimh/kNeb6Svrw4dw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c64cac37d8de768b5ce2806dfee9ea5

Files

4c64cac37d8de768b5ce2806dfee9ea5
.exe windows:5 windows x86 arch:x86

8d76b5cbd524b0eaa6363dbc85a361cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
MulDiv
FreeLibrary
LoadLibraryA
CompareStringW
CompareStringA
GetTimeZoneInformation
FlushFileBuffers
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
CreateProcessA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSectionAndSpinCount
InterlockedExchange
SetConsoleCtrlHandler
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapReAlloc
VirtualAlloc
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
GetExitCodeProcess
lstrcpyA
lstrcatA
MultiByteToWideChar
LockResource
OutputDebugStringA
FindResourceA
LoadResource
SizeofResource
CreateFileA
WriteFile
CloseHandle
FreeResource
LCMapStringA
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
DeleteCriticalSection
SetEnvironmentVariableA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
GetCommandLineA
GetStartupInfoA
GetLastError
HeapFree
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
HeapAlloc
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType

user32

GetClientRect
SendMessageA
GetDC
LoadImageA
SetClassLongA
EndDialog
CreateDialogParamA
SetWindowPos
DestroyWindow
SetWindowTextA
CheckDlgButton
GetWindowTextA
GetDlgItemTextA
EnableWindow
IsDlgButtonChecked
DialogBoxParamA
CreateWindowExA
GetDlgItem
ReleaseDC
BeginPaint
FillRect
EndPaint
GetParent
PostMessageA
SendDlgItemMessageA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
SetDlgItemTextA
LoadBitmapA
MessageBoxA
GetWindowLongA
LoadStringA

gdi32

GetDeviceCaps
SetBkMode
SetBkColor
CreateSolidBrush
DeleteObject
GetObjectA
CreateFontIndirectA
GetStockObject

advapi32

RegOpenKeyExA
RegCreateKeyA
RegCloseKey
RegSetValueExA
RegQueryValueExA

shell32

SHCreateDirectoryExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFolderPathA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8.6MB - Virtual size: 8.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d76b5cbd524b0eaa6363dbc85a361cb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 151KB - Virtual size: 151KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 4KB - Virtual size: 15KB

.rsrc Size: 8.6MB - Virtual size: 8.6MB

.text
Size: 151KB - Virtual size: 151KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 4KB - Virtual size: 15KB

.rsrc
Size: 8.6MB - Virtual size: 8.6MB