4178bef55870c8b2911f9c13762cc038

Sharing

Copy URL Twitter E-mail

General

Target

4178bef55870c8b2911f9c13762cc038
Size

45KB
MD5

4178bef55870c8b2911f9c13762cc038
SHA1

8f77b23f9fa17657f212e257a2d6bc5a20e68c57
SHA256

eab13cfa712107010190ec72d2580eff5fe93eb226316b5a001f19da99815fa5
SHA512

eb25fbf7dafaeff6074bddc1562e63085d37b9fc3db45bf62135f784bf802d65b74c352d0241178b3ad40ca9e12126eb23ca7a5039145c358cef4f02e8780741
SSDEEP

768:VnjnPZ9Vu1uk2bNLQrfaYvN6r4xPB1rfossbt3LaL1NGnx0ytJY:VnDp9k29QrfaYFw0zrfIt3mxNGyw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4178bef55870c8b2911f9c13762cc038

Files

4178bef55870c8b2911f9c13762cc038
.exe windows:4 windows x86 arch:x86

de04f0cc89ae7f584e6891eb90281507

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32NextW
VirtualProtect
GetConsoleAliasesA
GetPrivateProfileSectionW
GetConsoleInputExeNameW
VerifyVersionInfoA
GetProcessHeap
GetCPInfoExW
GetDiskFreeSpaceExW
InterlockedExchange
CreateWaitableTimerA
FillConsoleOutputAttribute
GetLastError
GlobalFix
SleepEx
GetDefaultCommConfigA
RegisterWowExec
FatalAppExitA
Heap32Next
DebugActiveProcess
FreeEnvironmentStringsA
OpenSemaphoreA
QueryDosDeviceA
SetVolumeLabelW
EnumLanguageGroupLocalesW
SetEvent
FreeEnvironmentStringsW
DeleteFiber
DosPathToSessionPathW
SetVolumeLabelA
ReadConsoleOutputCharacterW
LoadResource
DnsHostnameToComputerNameA

user32

VkKeyScanA
GetWindowModuleFileNameA
DestroyMenu
SetWindowsHookA
ReleaseCapture
DdeInitializeA
RegisterServicesProcess
IsClipboardFormatAvailable
ValidateRgn
GetClassNameA
SetClassLongW
ToUnicode
GetShellWindow
DdeImpersonateClient
LoadMenuW
MapWindowPoints
EnableScrollBar
CopyRect
GetSubMenu
IMPQueryIMEW
RegisterClassW
MapVirtualKeyExW
DlgDirListW
ReuseDDElParam
GetPropA
PostMessageA
CharPrevA
DdeCmpStringHandles

gdi32

PolyPolyline
bMakePathNameW
GetCharacterPlacementA
CreateSolidBrush
EngDeleteClip
UnrealizeObject
GdiEntry10
CreateEllipticRgn
GdiReleaseLocalDC
FONTOBJ_vGetInfo
EngGradientFill
EnumFontsW
SetDCBrushColor
FixBrushOrgEx
EngFillPath
GetClipRgn

comdlg32

FindTextA
PrintDlgExW
GetOpenFileNameW
PrintDlgExA
GetSaveFileNameA
PageSetupDlgW
Ssync_ANSI_UNICODE_Struct_For_WOW
ChooseFontW
GetSaveFileNameW
PrintDlgA
LoadAlterBitmap
ChooseFontA
FindTextW
PageSetupDlgA
PrintDlgW
CommDlgExtendedError

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de04f0cc89ae7f584e6891eb90281507

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 40KB

.data Size: 37KB - Virtual size: 40KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 40KB

.data
Size: 37KB - Virtual size: 40KB

.idata
Size: 3KB - Virtual size: 4KB