4cc27dcc56a506ff3dbb5efe14296dd5

Sharing

Copy URL Twitter E-mail

General

Target

4cc27dcc56a506ff3dbb5efe14296dd5
Size

53KB
MD5

4cc27dcc56a506ff3dbb5efe14296dd5
SHA1

5e1365bc06b1eee2fb4ebe9cea70827651cd2595
SHA256

6c4e07968618709d4efc96870670e526108e1fa2173e053562da209fbb60e73c
SHA512

8d4cdf4e86ae929f2c8295081923794ebebf642cc6acda37674e05048897a1304319911d933db88a896abf0dd8105dcc80917048f11a38c102086841300e868b
SSDEEP

768:uCGIOez8QIEewfPv6u1CxIT/p+HaPdBC3hnpIMRbMzJnpLU729cvtFNwptKzDpbj:uzKvRe86nxS/k3ogULAqqtFNw8Ui

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cc27dcc56a506ff3dbb5efe14296dd5

Files

4cc27dcc56a506ff3dbb5efe14296dd5
.exe windows:5 windows x86 arch:x86

40e01e98c5f54b036b098d575339544b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasman

RasRpcGetSystemDirectory
RasDeviceConnect
RasSetAddressDisable
RasPortSend
RasBundleGetStatistics
RasSetConnectionUserData
RasRefConnection
RasPortCancelReceive
RasPortOpen
RasPortReceiveEx
RasRpcGetErrorString
RasPortOpenEx
RasPortGetProtocolCompression
RasGetNdiswanDriverCaps
RasGetConnectInfo
RasDeviceEnum
RasPortGetBundledPort
RasGetProtocolInfo
RasPortClearStatistics
RasSetDeviceConfigInfo
RasBundleGetPort
RasGetUserCredentials
RasActivateRoute
RasPortReceive
RasGetTimeSinceLastActivity
RasSetRouterUsage
RasRpcGetCountryInfo
RasPortBundle

gdi32

PathToRegion
GetTextCharacterExtra
GdiPrinterThunk
CreateICW
GetLogColorSpaceW
GetPolyFillMode
LineDDA
PATHOBJ_vEnumStart
GetMapMode
EngEraseSurface
ColorMatchToTarget
DdEntry18
StrokeAndFillPath
SetICMMode
GdiConvertBitmap
GdiStartDocEMF
GdiPlayEMF
DdEntry29
GetFontResourceInfoW
CreateRectRgnIndirect
DdEntry46
GetRegionData
SelectPalette
DdEntry48
GdiFixUpHandle
SetBitmapAttributes
GdiSetServerAttr
CreateDCW
GetBitmapDimensionEx
GetEnhMetaFileDescriptionA
PolylineTo
SetMagicColors
DdEntry28
GdiAlphaBlend
CancelDC

kernel32

CreateIoCompletionPort
SystemTimeToTzSpecificLocalTime
VirtualAlloc
LZSeek
FindActCtxSectionStringA
NlsGetCacheUpdateCount
lstrcmpiA
SetFileShortNameW
GetStartupInfoW
lstrcmpA
WriteProfileSectionW
SetConsoleCursorMode
SetProcessWorkingSetSize
BaseCleanupAppcompatCacheSupport
GetACP
DefineDosDeviceW
InitializeCriticalSection
GetNativeSystemInfo
VDMOperationStarted
IsValidLocale
GetProcessVersion
EnumDateFormatsExA
PurgeComm
GetConsoleCP
lstrcpyn
EnumCalendarInfoExA
GetSystemDirectoryA
VirtualFree
WriteConsoleInputVDMA
AddVectoredExceptionHandler
LoadLibraryA
GetSystemWindowsDirectoryW

wldap32

ldap_abandon
ldap_rename_ext_sA
ldap_initA
ldap_modrdnW
ldap_get_valuesA
ldap_controls_free
ldap_extended_operation_sW
ldap_search_stW
ldap_search_sA
ldap_parse_page_controlA
ldap_err2string
ldap_search_s
ldap_simple_bindW
ldap_create_page_controlA
ber_skip_tag
ldap_bindA
ber_next_element
ldap_search_sW
ldap_extended_operation_sA
ldap_modify_extW
ldap_explode_dn
ldap_simple_bindA
ldap_compareA
ldap_addA
ldap_result2error
ldap_ufn2dn

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40e01e98c5f54b036b098d575339544b

Headers

DLL Characteristics

File Characteristics

Imports

rasman

gdi32

kernel32

wldap32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB