41683decbe42c6c6be5809e440eb12b5

Sharing

Copy URL Twitter E-mail

General

Target

41683decbe42c6c6be5809e440eb12b5
Size

485KB
MD5

41683decbe42c6c6be5809e440eb12b5
SHA1

034e6f22647488947a1382ede2b91cd9b8b52bab
SHA256

e863da0068619bb24061291a82ff48e86d9fcb734fbfad11fa1b4b944b87486d
SHA512

be60aefba69ad19e53964f309d3d6cbaaeb3e7ab8449bb2eb518f81ad9ff96a2d1a82417ece6632e3d233969d04a68cf75f09784b2f77e76f98bfc67005a4c22
SSDEEP

12288:xBIp8vsGbYVhJ8DIm+OTQ4Duw9jdaMal8ts0Dar1ca:XC8kGcVhxuQ4ZYmZUca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41683decbe42c6c6be5809e440eb12b5

Files

41683decbe42c6c6be5809e440eb12b5
.exe windows:4 windows x86 arch:x86

b9e234282234a4736baf82e291bc93e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
RtlUnwind
LeaveCriticalSection
GetEnvironmentStrings
GetStringTypeA
GetLastError
DeleteCriticalSection
EnterCriticalSection
GetStartupInfoA
TerminateProcess
ExitProcess
VirtualAlloc
ReadFile
OpenMutexA
QueryPerformanceCounter
SetFilePointer
InterlockedExchange
IsBadWritePtr
VirtualFree
GetVersion
CreateMutexA
HeapAlloc
GetCommandLineA
GetStdHandle
HeapReAlloc
CompareStringA
FreeEnvironmentStringsW
WideCharToMultiByte
InitializeCriticalSection
MultiByteToWideChar
HeapCreate
ReleaseSemaphore
LCMapStringA
TlsSetValue
InterlockedDecrement
TlsAlloc
HeapDestroy
GetCurrentProcessId
HeapFree
FreeEnvironmentStringsA
GetCurrentThreadId
GetACP
InterlockedIncrement
CloseHandle
GetProcAddress
GetTimeZoneInformation
GetOEMCP
GetModuleHandleA
GetLocalTime
GetStringTypeW
EnumDateFormatsExA
GetFileType
VirtualQuery
GetProcessHeaps
LoadLibraryA
GetSystemTime
GetEnvironmentStringsW
LCMapStringW
FlushFileBuffers
GetModuleFileNameA
SetStdHandle
CompareStringW
UnhandledExceptionFilter
TlsGetValue
TlsFree
GetSystemTimeAsFileTime
GetCurrentProcess
GetTickCount
GetCurrentThread
GetCPInfo
WriteFile
SetLastError
SetEnvironmentVariableA

user32

CreateCursor
DdeCreateStringHandleA
CopyIcon
GetKeyboardLayoutNameW
GetClassNameW
SetWindowWord
GetUserObjectInformationA
CharUpperBuffW
HideCaret
DialogBoxParamW
GetMenuItemID
CascadeWindows
GetWindowContextHelpId
WindowFromDC
CreateDialogParamW
RegisterClassA
GetDC
GetCaretBlinkTime
LoadMenuIndirectA
ModifyMenuA
ScrollDC
LoadStringW
LoadAcceleratorsA
RegisterClassExA

comctl32

InitCommonControlsEx

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9e234282234a4736baf82e291bc93e2

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 4KB - Virtual size: 12KB

.data Size: 312KB - Virtual size: 311KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 4KB - Virtual size: 12KB

.data
Size: 312KB - Virtual size: 311KB

.rsrc
Size: 6KB - Virtual size: 5KB