4e685980fdafc4499db359c7f4603da3

General

Target

4e685980fdafc4499db359c7f4603da3
Size

177KB
MD5

4e685980fdafc4499db359c7f4603da3
SHA1

9ab2a31c58416b88b14cc99ebe41c33b2c2f209e
SHA256

7dd8bf92e5b97b132719051f1e76a4ce355c1f68e7a83f4074b3052c1e37ad8a
SHA512

ff686e7f3ae71904913679b25daa863d5a3a23cf249dcda8135cf513e9e302a7315f5caa83668cea94dd7c74a11a0653b0900822623fee9cbb1d1c1b0ae8d7b9
SSDEEP

3072:AMq7vlFIFC2xxa0M1NkUuXD02/52kPzxz2W5B2QQaP6LkDNJ2SG:AZvvIn2nkUL2/5zDQSfm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e685980fdafc4499db359c7f4603da3

Files

4e685980fdafc4499db359c7f4603da3
.dll windows:4 windows x86 arch:x86

8579286a3fc90d83a731f3a63b8eb0e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetFocus
GetWindowTextLengthA
IsCharUpperA
GetDlgItem
wsprintfA
GetSystemMetrics
GetSysColorBrush
GetDesktopWindow
CreateWindowExA
IsWindowEnabled
GetMenu

oleaut32

SafeArrayPtrOfIndex
SysReAllocStringLen

kernel32

IsBadHugeReadPtr
FreeResource
LocalAlloc
lstrcpynA
LockResource
GetFullPathNameA
HeapDestroy
ExitProcess
VirtualAlloc
Sleep
GlobalFindAtomA
GetThreadLocale
LoadLibraryExA
GetTickCount
CompareStringA
GetCommandLineA
ResetEvent
HeapFree
GetStdHandle
lstrcatA
GetACP
GlobalAlloc
IsBadReadPtr
InitializeCriticalSection

shell32

SHFileOperationA
SHGetDesktopFolder

shlwapi

PathIsContentTypeA
SHQueryInfoKeyA
PathGetCharTypeA
SHStrDupA
SHEnumValueA

Exports

Exports

vLkpVOb@12
_AHNGD
_8z0yIB3Ik0@20
eRVM7E@20

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8579286a3fc90d83a731f3a63b8eb0e6

Headers

File Characteristics

Imports

user32

oleaut32

kernel32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 173KB

.data Size: 158KB - Virtual size: 158KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 173KB

.data
Size: 158KB - Virtual size: 158KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 2KB - Virtual size: 2KB