4cb552ce41fd69ed97ea1c25cbbc13b6

Sharing

Copy URL Twitter E-mail

General

Target

4cb552ce41fd69ed97ea1c25cbbc13b6
Size

154KB
MD5

4cb552ce41fd69ed97ea1c25cbbc13b6
SHA1

b1272705f1558c6430084bdaff1397fefeb9f2a6
SHA256

41bfb581eee4a41d28f15396d1e776f5fd8060275bb87b769d31d0d392629009
SHA512

0599c36737230ebeb23a68277ea0091b01448f4b769e29340eb0ff01df4346f00e16ca09a13c436769c0be4dfd8b2b7d2ba720e76abdb2b921662c2a296badfb
SSDEEP

3072:ls8+apZRTHnPbJ0QjqFLpOr44R6xBPePWvs+wQNepmzX+Oh5QMJ9jKYT:/+aJHnjJ0QmFLpc4B4WoQ9Zlv/T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cb552ce41fd69ed97ea1c25cbbc13b6

Files

4cb552ce41fd69ed97ea1c25cbbc13b6
.exe windows:4 windows x86 arch:x86

ccd45e70e0a412da0c26187fdcf4f212

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalReAlloc
ReadConsoleW
SetCommState
GetCalendarInfoW
GetUserDefaultLCID
DisconnectNamedPipe
GetDriveTypeA
_lwrite
GetTapePosition
EnumSystemLanguageGroupsW
SetEndOfFile
PeekConsoleInputW
CreateIoCompletionPort
SetCommConfig
GetSystemDirectoryW
GetTempPathA
SetCalendarInfoW
GetBinaryTypeW
UnregisterWaitEx
GetHandleInformation
SetConsoleTitleA
RemoveDirectoryA
GetExitCodeProcess
ReadFile
EnumDateFormatsExW
GetPrivateProfileStringW
GetExitCodeThread
LocalCompact
GetStdHandle
DeleteTimerQueue
GetThreadPriority
GetTapeStatus
WaitForMultipleObjects
BuildCommDCBW
GetFileInformationByHandle
GetModuleHandleA
OpenWaitableTimerW
GenerateConsoleCtrlEvent
CreateEventA
EnumLanguageGroupLocalesA
FreeEnvironmentStringsW
FindAtomA
GetCurrentProcessId
GlobalFindAtomA
GetLocaleInfoW
GlobalFlags
BindIoCompletionCallback
GlobalUnfix
CallNamedPipeW
LCMapStringA
GetSystemInfo
VirtualQuery
CancelWaitableTimer
DeleteTimerQueueEx
ReadConsoleOutputCharacterA
UnlockFile
SetFileApisToANSI
CreateEventW
ScrollConsoleScreenBufferA
GetStartupInfoA
WriteProfileStringW
SetFileAttributesW
RegisterWaitForSingleObjectEx
GetSystemWindowsDirectoryW
GetThreadSelectorEntry
CreateNamedPipeW

msvcrt

getc
strftime
_wexeclpe
_waccess
exp
qsort
_acmdln
_adjust_fdiv
clock
_adj_fdivr_m32i
_mbbtype
__getmainargs
_mbslwr
wcsspn
_pwctype
_mbsncat
_except_handler3
_scprintf
_mbsncoll
_initterm
_rotl
__p__fmode
mktime
_vsnwprintf
wcstok
_getche
_assert
iswalnum
_set_sbh_threshold
_wspawnlp
_heapadd
_swab
ctime
__setusermatherr
_flsbuf
_wfsopen
_fsopen
_beginthreadex
_snprintf
_wgetenv
_XcptFilter
_fputchar
_wexeclp
_rmdir
_setmbcp
_futime64
_finite
localeconv
_nextafter
wcscmp
mblen
_stati64
_iob
_wgetcwd
iswpunct
__p__commode
_endthreadex
_wutime
exit
__set_app_type
_isctype
_wgetdcwd
_msize
_mbsncmp
_mbsnextc
_exit
_endthread
_putwch
_controlfp
_ismbcalnum
_setmode
_mbsrchr
_mbsinc
_lsearch
_wsplitpath
_mbsnicoll
_ismbcalpha

user32

EnumDisplaySettingsA
EnumDesktopsA
EnumDisplaySettingsW
EqualRect
SetMenuContextHelpId
EnumDesktopWindows
GetWindowTextW
GetDlgItemTextA
RegisterClassExA
SetDebugErrorLevel
CallMsgFilterW
BeginPaint
DdeFreeStringHandle
SwitchDesktop
GetClassWord
CreateDialogIndirectParamA
RegisterDeviceNotificationW
FlashWindow
DdeQueryNextServer
FindWindowExA
SetDoubleClickTime
IsCharUpperW
DefWindowProcA
AnyPopup
ValidateRgn
GetWindowTextLengthW
GrayStringA
wvsprintfA
IsMenu
GetWindowRect
BroadcastSystemMessageW
GetListBoxInfo
UnionRect
DrawTextW
DdeNameService
GetActiveWindow
UnhookWinEvent
SetScrollRange
ValidateRect
SendIMEMessageExA
GetProcessDefaultLayout
CreateMDIWindowA
SetUserObjectInformationW
DefMDIChildProcW
EnumWindows
GetWindowTextA
BeginDeferWindowPos
CreateIcon
SetWindowsHookW
GetCursor
CallWindowProcW
DdeUninitialize
IMPSetIMEW
GetInputState
DefDlgProcW
GetClipboardFormatNameA
PostMessageA
DefMDIChildProcA
TileWindows
WinHelpW
GetSysColor
RealChildWindowFromPoint
OemKeyScan
PeekMessageW
CharLowerBuffA

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccd45e70e0a412da0c26187fdcf4f212

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 76KB - Virtual size: 76KB

.rdata Size: 66KB - Virtual size: 66KB

.data Size: 512B - Virtual size: 68KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 76KB - Virtual size: 76KB

.rdata
Size: 66KB - Virtual size: 66KB

.data
Size: 512B - Virtual size: 68KB

.rsrc
Size: 9KB - Virtual size: 8KB