4ea3e4cff0c9a6f7409c1ce6c264f918

Sharing

Copy URL Twitter E-mail

General

Target

4ea3e4cff0c9a6f7409c1ce6c264f918
Size

486KB
MD5

4ea3e4cff0c9a6f7409c1ce6c264f918
SHA1

d3a9b92d485a82282ef5400953e424797049408e
SHA256

16008f53ace0855700b0fd92645a8eb67634c1a1d02e6be61d28345c12f5185a
SHA512

e5e399f2b5913024ea73d75ad3013a49c30543ed29d0cc23db7c8d02af626f2ee88fb5d9b3938411b3649357e41b7771f794d8c1c9f0a7a64c67a96883fc17fb
SSDEEP

12288:JFSexaJK2J44D+96ySuSh/Yglos1+fFELz2KFt0atm:lO4L9WZes1+fF42Kkaw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ea3e4cff0c9a6f7409c1ce6c264f918

Files

4ea3e4cff0c9a6f7409c1ce6c264f918
.exe windows:5 windows x86 arch:x86

f87e701744476e45c5c52ff8078b4442

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winhttp

WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpSetOption
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpWriteData
WinHttpOpenRequest
WinHttpConnect
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpCrackUrl
WinHttpCloseHandle
WinHttpOpen
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpQueryHeaders

shlwapi

PathStripPathW
StrToIntExW
PathRemoveFileSpecW
PathRenameExtensionW
PathIsDirectoryW
PathFileExistsW
StrStrIW
SHCreateStreamOnFileEx

kernel32

FreeEnvironmentStringsA
lstrcmpiA
LoadLibraryW
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateThread
lstrcmpiW
GetVersionExW
WaitForMultipleObjects
Sleep
lstrlenW
GetFileAttributesW
CreateFileW
CloseHandle
GetModuleFileNameW
GetFileSize
SetFilePointer
ReadFile
WriteFile
MultiByteToWideChar
GetLastError
lstrcpyW
MoveFileW
WideCharToMultiByte
GetTempPathW
GetTempFileNameW
lstrcpynW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
CreateEventW
InitializeCriticalSectionAndSpinCount
GetCurrentThread
GetModuleHandleW
DeleteFileW
lstrcatW
GetExitCodeProcess
lstrlenA
GetEnvironmentStrings
CreateMutexW
HeapSize
GetModuleFileNameA
ExitProcess
GetFileType
GetStdHandle
SetHandleCount
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedDecrement
InterlockedIncrement
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateFileA
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
ExpandEnvironmentStringsW
GetModuleHandleA

user32

CreatePopupMenu
AppendMenuW
GetCursorPos
TrackPopupMenuEx
DestroyMenu
GetDlgCtrlID
GetAncestor
MessageBoxW
DispatchMessageW
TranslateMessage
IsDialogMessageW
PostMessageW
EndDialog
PostQuitMessage
GetMessageW
SetWindowPos
LoadIconW
CreateDialogParamW
GetSysColorBrush
FillRect
GetWindowTextLengthW
EnableWindow
BeginPaint
BringWindowToTop
IsWindow
GetWindowTextW
EnumChildWindows
MoveWindow
GetWindowRect
CreateWindowExW
DrawTextW
UpdateWindow
SetWindowTextW
InvalidateRect
ReleaseDC
DrawFrameControl
GetClientRect
GetDC
GetParent
SetPropW
GetWindowLongW
SetCursor
LoadCursorW
CallWindowProcW
SetFocus
ShowWindow
RemovePropW
SetWindowLongW
GetPropW
SendMessageW
GetDlgItem
MapWindowPoints
ScreenToClient
EndPaint
MessageBeep
CreateDialogIndirectParamW
IsDlgButtonChecked
SetDlgItemTextW
SetTimer
KillTimer
CheckDlgButton
DestroyWindow

gdi32

SelectObject
GetTextExtentPoint32W
CreateFontW
DeleteObject
CreatePatternBrush
BitBlt
CreateDIBSection
GetStockObject
GetObjectW
CreateFontIndirectW
SetTextColor
SetBkMode
CreateSolidBrush
CreateCompatibleBitmap
DeleteDC
CreateCompatibleDC

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHCreateDirectoryExW
Shell_NotifyIconW
ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderPathW

ole32

CoInitializeEx
CoCreateInstance
CoTaskMemFree

windowscodecs

WICConvertBitmapSource

msimg32

AlphaBlend

comctl32

ord17

Sections

.text
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f87e701744476e45c5c52ff8078b4442

Headers

DLL Characteristics

File Characteristics

Imports

winhttp

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

windowscodecs

msimg32

comctl32

Sections

.text Size: 296KB - Virtual size: 296KB

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 18KB - Virtual size: 18KB

.text
Size: 296KB - Virtual size: 296KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 18KB - Virtual size: 18KB