4116ed2123e94ef78031e6899e63a356

Sharing

Copy URL Twitter E-mail

General

Target

4116ed2123e94ef78031e6899e63a356
Size

128KB
MD5

4116ed2123e94ef78031e6899e63a356
SHA1

e8969ff543b430f6401ae2ced7813953a08789d0
SHA256

25cdb2b2413b8cdbb5b747d095ca228895db1f25b3209e79008148fec800779f
SHA512

0b3fac03e9cf00bf9aeebd57f67e718149828b61ff74c32696cf82441c86bedc08e62ca80dcba9ba5cb5a31adf37e5c0a7a096a7f16f598a59d2c58864c5c1cf
SSDEEP

3072:CXIVfh29rnDoi3ylB0EMXCUw0UgyOLRt:qIVfhAiW9LRt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4116ed2123e94ef78031e6899e63a356

Files

4116ed2123e94ef78031e6899e63a356
.exe windows:4 windows x86 arch:x86

e3f7be3342d074147877a97256a436c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
lstrcpyW
WriteFile
SetFilePointer
GetFileSize
CreateFileW
WritePrivateProfileStringW
ExitProcess
OutputDebugStringW
HeapDestroy
MoveFileW
CloseHandle
DeleteFileW
Sleep
lstrlenA
FreeLibrary
HeapCreate
lstrlenW
lstrcmpW
MultiByteToWideChar
SetEndOfFile
FlushFileBuffers
ReadFile
lstrcatW
lstrcmpiW
LockResource
LoadResource
FindResourceW
GetCommandLineW
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
LoadLibraryW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetStdHandle
InterlockedExchange
LoadLibraryA
IsBadWritePtr
VirtualFree
SetConsoleCtrlHandler
GetLocalTime
RaiseException
RtlUnwind
GetModuleHandleA
GetCommandLineA
GetVersionExA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetProcAddress
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetLastError
SetUnhandledExceptionFilter
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW

user32

wsprintfW
LoadStringW

advapi32

IsTextUnicode

shell32

CommandLineToArgvW

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysStringByteLen
GetErrorInfo
SysStringLen
SysFreeString

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e3f7be3342d074147877a97256a436c6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 56KB - Virtual size: 56KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 56KB - Virtual size: 56KB