4f07c77ead8b2a422a7ad9b6f176a3c0

Sharing

Copy URL

Twitter E-mail

General

Target

4f07c77ead8b2a422a7ad9b6f176a3c0
Size

547KB
MD5

4f07c77ead8b2a422a7ad9b6f176a3c0
SHA1

f4041c052434b0b93a35e5a03909de2d08ac3820
SHA256

54bfc3a5797e3463ad20eea0733e586e52ec88d34261c1faeb66fc44c89b65d9
SHA512

37384caaea6f52424e9f8977e9f5bb0b06345806a51e335c4efc5ff29940f9c570e073eb182a7d9ddf35e917d2d18c085d75f124422e5d4b932c57a96748e6ef
SSDEEP

12288:QKFprKEvYuKHB4Us/n78NZd1287oFhLiRVKV3LXi0XjSD3:Q+mTHB4Uo8qfV7lzS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f07c77ead8b2a422a7ad9b6f176a3c0

Files

4f07c77ead8b2a422a7ad9b6f176a3c0
.exe windows:4 windows x86 arch:x86

971b644c603cc1d8047dcf8dd407768e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
VirtualFree
CompareStringW
InitializeCriticalSection
HeapAlloc
SetStdHandle
WideCharToMultiByte
GetStartupInfoA
GetStdHandle
GetCurrentThreadId
GetLocalTime
LCMapStringA
GetFileType
SetHandleCount
GetSystemTime
GetModuleFileNameA
QueryPerformanceCounter
GetTickCount
ExitProcess
SetLastError
GetOEMCP
FreeEnvironmentStringsW
GetLastError
TerminateProcess
FlushFileBuffers
WriteFile
SetFileAttributesW
EnterCriticalSection
TlsGetValue
VirtualAlloc
CloseHandle
FoldStringW
GetDiskFreeSpaceW
GetSystemTimeAsFileTime
GetCurrentProcess
GetEnvironmentStringsW
InterlockedDecrement
SetEnvironmentVariableA
GetStringTypeA
DeleteCriticalSection
InterlockedIncrement
LoadLibraryA
HeapReAlloc
GetVersion
SetConsoleTitleA
MultiByteToWideChar
GetStringTypeW
LoadModule
HeapCreate
InterlockedExchange
SetFilePointer
TlsAlloc
IsBadWritePtr
LCMapStringW
FreeEnvironmentStringsA
HeapDestroy
GetModuleHandleA
LeaveCriticalSection
GetCurrentProcessId
GetCPInfo
GetACP
GetTimeZoneInformation
HeapFree
UnhandledExceptionFilter
GetProcAddress
CreateMutexA
ReadFile
GetEnvironmentStrings
GetCommandLineA
VirtualQuery
TlsFree
TlsSetValue
GetCurrentThread
CompareStringA
GetCalendarInfoA
GetThreadSelectorEntry
OpenMutexA

shell32

ShellExecuteExW
ExtractAssociatedIconExA

gdi32

UpdateICMRegKeyA
EnumICMProfilesW
GetDeviceGammaRamp
UpdateColors
SetBitmapDimensionEx
Pie
LineDDA
GetCharWidthFloatA
SelectObject
CreateRectRgnIndirect
OffsetRgn
PatBlt
MoveToEx
GetObjectW
GetDeviceCaps
GetOutlineTextMetricsW
GetTextExtentPoint32W
CreateColorSpaceA
CreateBitmapIndirect
ScaleViewportExtEx
DeleteDC
CreateDCW
SetBrushOrgEx
GetGlyphOutlineA
GetTextCharacterExtra

user32

DefWindowProcA
ShowWindow
MessageBoxA
ImpersonateDdeClientWindow
ToUnicodeEx
LookupIconIdFromDirectoryEx
RegisterClassExA
GetClipboardFormatNameA
OpenIcon
OemToCharA
LoadImageW
RegisterClassA
DestroyWindow
CreateWindowExA
CharPrevA
LoadCursorA
IsCharAlphaNumericA

comctl32

CreatePropertySheetPageA
ImageList_Remove
ImageList_DragEnter
ImageList_SetFlags
DrawStatusText
GetEffectiveClientRect
DestroyPropertySheetPage
ImageList_SetFilter
InitCommonControlsEx
_TrackMouseEvent
ImageList_LoadImageA
ImageList_GetFlags
ImageList_Draw
DrawInsert
MakeDragList
ImageList_Merge

comdlg32

ReplaceTextW

Sections

.text
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

971b644c603cc1d8047dcf8dd407768e

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

user32

comctl32

comdlg32

Sections

.text Size: 321KB - Virtual size: 321KB

.rdata Size: 53KB - Virtual size: 77KB

.data Size: 111KB - Virtual size: 111KB

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 321KB - Virtual size: 321KB

.rdata
Size: 53KB - Virtual size: 77KB

.data
Size: 111KB - Virtual size: 111KB

.rsrc
Size: 60KB - Virtual size: 59KB