4f23945500eff7af3e3741dd82b0eed3

Sharing

Copy URL

Twitter E-mail

General

Target

4f23945500eff7af3e3741dd82b0eed3
Size

256KB
MD5

4f23945500eff7af3e3741dd82b0eed3
SHA1

ce80da4e6eb947cf410b9c9dd842fda0d6e9b97d
SHA256

3cde77908cff2fcafbcdd6702fe3be7c98cddc830ed47ded7fa4ee88f2832d1c
SHA512

b6478e854d98d5074fa4ef90727955ab20dea8b1d6d0be63c96952dc55aadb275fefcea2a28c3254428e3013fbca9e5f5edbceffaf48e30c83c65f852ea63a47
SSDEEP

6144:yt2yeY4oAAEFuhE28U1Qj4nQMj6QUV9fJJx2JK182prJaw0FM:yt2yeYPF+uhQU04nQLZJl8Sg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f23945500eff7af3e3741dd82b0eed3

Files

4f23945500eff7af3e3741dd82b0eed3
.exe windows:4 windows x86 arch:x86

63fd1e87a719c107458969f2ef179239

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

GetRecordInfoFromGuids
VariantTimeToSystemTime
SafeArrayGetLBound
SafeArrayDestroy
LoadRegTypeLi
SysAllocString
SafeArrayGetDim
VariantCopy
SafeArrayGetVartype
SystemTimeToVariantTime
SafeArrayUnlock
SafeArrayCreateVectorEx
SysAllocStringByteLen
SafeArrayGetElement
SafeArrayLock
VarBstrCmp
SysFreeString
SafeArrayGetUBound
VariantInit
SafeArrayRedim
SafeArrayCreate
VariantClear
SafeArrayUnaccessData
LoadTypeLi
VariantCopyInd
SysStringLen
SafeArrayAccessData
SafeArrayCopy
SysAllocStringLen
SysStringByteLen
VariantChangeType

kernel32

LockResource
lstrlenW
ReadFile
ExpandEnvironmentStringsW
WaitForSingleObject
HeapDestroy
EnterCriticalSection
UnhandledExceptionFilter
DeviceIoControl
LoadResource
RaiseException
GetLongPathNameW
FindClose
FormatMessageW
IsDebuggerPresent
MapViewOfFile
ResetEvent
SignalObjectAndWait
GlobalMemoryStatusEx
HeapFree
DeleteFileW
GetCurrentThreadId
SetUnhandledExceptionFilter
FindResourceW
CreateFileW
FileTimeToDosDateTime
CreateFileMappingW
GetSystemTime
SizeofResource
DeleteCriticalSection
LeaveCriticalSection
WriteFile
QueryDosDeviceW
ResumeThread
SetThreadLocale
CreateEventW
GetModuleHandleW
FileTimeToSystemTime
GetProcessHeap
SetEndOfFile
FindFirstFileW
CloseHandle
LocalFree
UnmapViewOfFile
CreateThread
GetSystemInfo
GetDriveTypeW
SetThreadPriority
GetACP
FindResourceExW
SetLastError
HeapAlloc
SetFilePointer
FreeLibrary
GetThreadLocale
HeapReAlloc
WaitForMultipleObjects
HeapSize
GetFileSize
GetSystemTimeAsFileTime
VirtualAllocEx

shlwapi

PathAppendW

shell32

SHGetFolderPathW

user32

wsprintfW
UnregisterClassA

ole32

OleRun
CoUninitialize
CoMarshalInterThreadInterfaceInStream
CLSIDFromProgID
CLSIDFromString
CoInitializeEx
CoCreateInstance
CoGetInterfaceAndReleaseStream
CoImpersonateClient
CoRevertToSelf

advapi32

LookupAccountSidW
MakeSelfRelativeSD
GetAclInformation
RegCreateKeyExW
EqualSid
GetSecurityDescriptorGroup
GetSidSubAuthority
GetSecurityDescriptorControl
GetTokenInformation
OpenProcessToken
GetSidLengthRequired
CopySid
MakeAbsoluteSD
GetLengthSid
RegQueryValueExW
InitializeSecurityDescriptor
InitializeAcl
OpenThreadToken
AddAce
GetSecurityDescriptorDacl
SetSecurityDescriptorOwner
DuplicateTokenEx
RevertToSelf
GetSecurityDescriptorSacl
ConvertStringSidToSidW
InitializeSid
SetThreadToken
RegCloseKey
IsValidSid
GetSecurityDescriptorOwner
SetSecurityDescriptorDacl
LookupPrivilegeValueW
RegNotifyChangeKeyValue
GetSecurityDescriptorLength
AdjustTokenPrivileges

userenv

UnloadUserProfile

esent

JetStopServiceInstance
JetCreateTableColumnIndex
JetRetrieveKey
JetGetTableInfo
JetGetLS
JetGetCursorInfo
JetOpenFile
JetPrepareUpdate
JetDetachDatabase
JetCreateDatabaseWithStreaming
JetGetTruncateLogInfoInstance
JetSetColumns
JetGetAttachInfoInstance
JetSetCurrentIndex3

scrrun

DllRegisterServer
DllGetClassObject
DllUnregisterServer
DllCanUnloadNow

Sections

.fmCma
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.LQUrAC
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SitA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hpcMJ
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bVUGvzj
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZsMGdz
Size: 512B - Virtual size: 197B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NQnDuGc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mSUHsRG
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UFHYF
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmGaHYW
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YQmo
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

63fd1e87a719c107458969f2ef179239

Headers

File Characteristics

Imports

oleaut32

kernel32

shlwapi

shell32

user32

ole32

advapi32

userenv

esent

scrrun

Sections

.fmCma Size: 1024B - Virtual size: 20KB

.text Size: 19KB - Virtual size: 18KB

.LQUrAC Size: 1KB - Virtual size: 1KB

.SitA Size: 2KB - Virtual size: 2KB

.hpcMJ Size: 1024B - Virtual size: 732B

.bVUGvzj Size: 1KB - Virtual size: 1KB

.ZsMGdz Size: 512B - Virtual size: 197B

.NQnDuGc Size: 1KB - Virtual size: 1KB

.data Size: 7KB - Virtual size: 126KB

.rdata Size: 209KB - Virtual size: 209KB

.mSUHsRG Size: 3KB - Virtual size: 2KB

.UFHYF Size: 2KB - Virtual size: 2KB

.vmGaHYW Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.YQmo Size: 1024B - Virtual size: 576B

.fmCma
Size: 1024B - Virtual size: 20KB

.text
Size: 19KB - Virtual size: 18KB

.LQUrAC
Size: 1KB - Virtual size: 1KB

.SitA
Size: 2KB - Virtual size: 2KB

.hpcMJ
Size: 1024B - Virtual size: 732B

.bVUGvzj
Size: 1KB - Virtual size: 1KB

.ZsMGdz
Size: 512B - Virtual size: 197B

.NQnDuGc
Size: 1KB - Virtual size: 1KB

.data
Size: 7KB - Virtual size: 126KB

.rdata
Size: 209KB - Virtual size: 209KB

.mSUHsRG
Size: 3KB - Virtual size: 2KB

.UFHYF
Size: 2KB - Virtual size: 2KB

.vmGaHYW
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.YQmo
Size: 1024B - Virtual size: 576B