049c403e0d8621a0309b731e7b8e52c3

Sharing

Copy URL Twitter E-mail

General

Target

049c403e0d8621a0309b731e7b8e52c3
Size

106KB
MD5

049c403e0d8621a0309b731e7b8e52c3
SHA1

7c00131cdb85e935822290b79feb4e309b494678
SHA256

1d47dce6050b2ec3f92526a0f37b0a5d3b561dde3613ffd5901aecf9df086434
SHA512

f1f1a7fb1b73a82d1585dfc27b5f2dfb2d34cda0587eb10e6451c607ed2628c24613832a36f725ebe7e1fe978387ce0326bdea475bb1812ec5762d0a1aefbefe
SSDEEP

1536:j9kFWCEPoh1087rYjKQd9kwRKX05bIBkzIPwglEVdmm7BxjVKVcXuid9N:jVFPvjKQkkKkJIBigwggB7BJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
049c403e0d8621a0309b731e7b8e52c3

Files

049c403e0d8621a0309b731e7b8e52c3
.exe windows:4 windows x86 arch:x86

6a24432875f372455d3b1b7a26481968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteAtom
GetCommandLineA
WriteFile
ReadFile
CopyFileW
DeleteFileW
ReadConsoleA
GetCPInfo
ExitThread
DeleteFileA
ReadFile
CopyFileA
GetFileSize
ReadConsoleA
CreateThread
FindFirstFileA
OpenFile
GetLastError
WriteFile
OpenFileMappingA
DeleteAtom
CopyFileExW
GetStdHandle
GetCommandLineA
CreateDirectoryA
GetCPInfo
CopyFileExA
GlobalFree
ExitThread

advapi32

RegQueryInfoKeyA
RegDeleteValueW
RegLoadKeyA
RegQueryValueExW
RegEnumKeyA
RegFlushKey
RegGetKeySecurity
RegQueryValueExA
RegQueryInfoKeyW
RegReplaceKeyA
RegEnumValueA
RegEnumKeyW
RegLoadKeyW

user32

GetDlgItem
IsMenu
DrawTextW
CloseWindow
AppendMenuA
DrawIconEx
CopyRect
GetFocus
GetWindowTextLengthA
AlignRects

comctl32

ImageList_GetIconSize
ImageList_EndDrag
ImageList_DrawIndirect
ImageList_AddMasked
ImageList_Remove
ImageList_BeginDrag
ImageList_Destroy
ImageList_Merge
ImageList_DrawEx
ImageList_GetImageRect
ImageList_GetDragImage
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Replace
InitCommonControls
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_BeginDrag
ImageList_Create
ImageList_Read
ImageList_LoadImage
ImageList_DragMove
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageRect
ImageList_Copy
ImageList_AddIcon
ImageList_GetImageInfo
ImageList_DrawEx
ImageList_AddMasked
ImageList_GetDragImage
ImageList_DrawIndirect
ImageList_DragLeave

gdi32

BeginPath
AddFontResourceW
CreateSolidBrush
AddFontResourceExW
GetClipBox
CopyMetaFileA
DeleteObject
AddFontMemResourceEx
GetBitmapBits
GetDCOrgEx
ExtTextOutA
ClearBitmapAttributes
BitBlt
GetCurrentPositionEx
AbortPath
ClearBrushAttributes
DeleteDC

shell32

DragQueryFileW
CommandLineToArgvW
SHFindFiles
SHChangeNotifyRegister
CheckEscapesA
SHChangeNotifyDeregister
ExtractIconExA
ExtractIconResInfoA
SHUpdateImageA
SHDefExtractIconA
DllGetVersion
SHDefExtractIconW
ExtractIconEx

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 59KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 198B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 855B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a24432875f372455d3b1b7a26481968

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comctl32

gdi32

shell32

Sections

.text Size: 27KB - Virtual size: 27KB

.data Size: 72KB - Virtual size: 72KB

.bbs Size: - Virtual size: 59KB

.idata Size: 3KB - Virtual size: 3KB

.tls Size: - Virtual size: 198B

.rdata Size: 512B - Virtual size: 855B

.rsrc Size: 1024B - Virtual size: 516B

.text
Size: 27KB - Virtual size: 27KB

.data
Size: 72KB - Virtual size: 72KB

.bbs
Size: - Virtual size: 59KB

.idata
Size: 3KB - Virtual size: 3KB

.tls
Size: - Virtual size: 198B

.rdata
Size: 512B - Virtual size: 855B

.rsrc
Size: 1024B - Virtual size: 516B