04fe0239567b58f6e5305306209fd352

Sharing

Copy URL

Twitter E-mail

General

Target

04fe0239567b58f6e5305306209fd352
Size

59KB
MD5

04fe0239567b58f6e5305306209fd352
SHA1

5cf42878f90146c4909d4e5b07437ff5f1d751dd
SHA256

1ebe275bceab07aca4445c143138d3d1ed35a50f17eb31eeadb97db6675f8b9c
SHA512

2c782d269353bddab38b047eeeba519440e40cda72b121beaaf66aa9cfde3b4d9a576731684b0953be9b78693a8da6e9234f63364efa0306ba9fb90ee53958f8
SSDEEP

1536:CtO3w1H4zbCCH4HeovQsudzsbkJCslDO:C7Oz+CHLovQrJxlDO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04fe0239567b58f6e5305306209fd352

Files

04fe0239567b58f6e5305306209fd352
.exe windows:4 windows x86 arch:x86

fea75f1f6d80d8d5e5c34f1b7f450e73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindOnPathA
StrIsIntlEqualA
SHAutoComplete
UrlIsOpaqueA
StrToIntExA
SHRegWriteUSValueA
PathSearchAndQualifyA
UrlGetLocationA
PathIsFileSpecA
SHCreateStreamWrapper
StrFormatByteSize64A
PathAppendA
SHRegCreateUSKeyA
PathFileExistsA
StrSpnA
HashData
SHIsLowMemoryMachine
PathIsUNCA
ColorHLSToRGB
SHDeleteValueA
PathMakePrettyA
SHRegOpenUSKeyA
PathCommonPrefixA
StrCSpnA
PathRemoveBlanksA
AssocQueryStringA
PathIsRelativeA
PathGetDriveNumberA
StrChrIA
PathQuoteSpacesA
PathStripToRootA

kernel32

lstrlen
FindNextChangeNotification
ResetEvent
GetProfileIntA
GetPrivateProfileStructA
ReadConsoleA
MoveFileA
GetCommConfig
GetTapeStatus
SystemTimeToTzSpecificLocalTime
SetConsoleCtrlHandler
SizeofResource
ClearCommBreak
Module32First
GetSystemDirectoryA
SetDefaultCommConfigA
DeleteFileA
SetupComm
lstrcat
WriteFileGather
GetProcessVersion
BuildCommDCBA
SwitchToFiber
GetPrivateProfileSectionNamesA
GetStdHandle
Heap32ListNext
OpenEventA
GetLogicalDriveStringsA
FileTimeToLocalFileTime
PrepareTape
GetShortPathNameA
CloseHandle
GetFileAttributesExA
GetCommState
LocalFree
FreeLibrary
GetPrivateProfileIntA
_lread
WinExec
GlobalFindAtomA
GetConsoleCursorInfo
OutputDebugStringA
HeapDestroy
GetSystemPowerStatus
GlobalFlags
CreateFiber
Process32Next
GetProfileStringA
CancelIo
FindCloseChangeNotification
_llseek
CreateFileMappingA
GlobalCompact
LocalLock
GetExitCodeThread
WriteFile
TerminateThread
AreFileApisANSI
CreateMailslotA

advapi32

EnumDependentServicesA

Sections

.fgr
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mtsj
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mdy
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.typcx
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fea75f1f6d80d8d5e5c34f1b7f450e73

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

Sections

.fgr Size: 22KB - Virtual size: 45KB

.mtsj Size: 5KB - Virtual size: 10KB

.mdy Size: 1024B - Virtual size: 1KB

.typcx Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.fgr
Size: 22KB - Virtual size: 45KB

.mtsj
Size: 5KB - Virtual size: 10KB

.mdy
Size: 1024B - Virtual size: 1KB

.typcx
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB