4182e79141ec733986a503daaf1a50e2

Sharing

Copy URL Twitter E-mail

General

Target

4182e79141ec733986a503daaf1a50e2
Size

254KB
MD5

4182e79141ec733986a503daaf1a50e2
SHA1

6805667fb7522a6cc77e3bd84de4b8c587e8549b
SHA256

73ec448156b1c06818875d64d366cf0f82769d4e078106d780e3fe1c54425667
SHA512

ed100b5c678a570b3548e3277e3b7e0e5cfe17009f622bd6c0d01492c8b8404063c7f230fe050a7ffafe756996c4af1b19247044936fd6ab232218fcabab3216
SSDEEP

6144:mrf4g+kr9h4g2RaIrx1rrj3EeO/LQKmTvCqIQw4fBgGs:yf4g/r9+HRaIrx1rrj3EeOTQKmTvxIBv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4182e79141ec733986a503daaf1a50e2

Files

4182e79141ec733986a503daaf1a50e2
.exe windows:4 windows x86 arch:x86

e36e1b070b01f074421d2e27c39e8f00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FtpCommandW

advapi32

CryptSetHashParam
RegNotifyChangeKeyValue
CryptAcquireContextW
CryptSetProviderExA
CryptGetProvParam
CryptSetKeyParam
RegLoadKeyA
RegQueryValueExW
CryptSetProviderA
CryptDeriveKey
RegEnumKeyExW
RegRestoreKeyW

comdlg32

GetOpenFileNameW
LoadAlterBitmap
GetSaveFileNameW
PrintDlgW
PageSetupDlgW
GetFileTitleW
ChooseFontW
GetSaveFileNameA
ReplaceTextW

gdi32

DrawEscape
GetColorAdjustment
SetDeviceGammaRamp
GetLogColorSpaceA
PolyBezier
GetStretchBltMode
AddFontResourceW
SetBitmapDimensionEx
SetViewportExtEx
GetTextExtentPointW
CreateColorSpaceW
SetDIBits
OffsetViewportOrgEx
GetEnhMetaFileBits
SetBrushOrgEx
GetMetaRgn
PlgBlt
UpdateICMRegKeyA

kernel32

GetFileType
WriteFile
lstrcmp
VirtualAlloc
GetOEMCP
WideCharToMultiByte
GetModuleFileNameA
CreatePipe
FreeEnvironmentStringsW
GetDateFormatA
LoadLibraryA
VirtualFree
TerminateProcess
SetCriticalSectionSpinCount
GetTimeFormatA
lstrlenW
RtlUnwind
Sleep
SetHandleCount
HeapReAlloc
HeapCreate
GetSystemTimeAsFileTime
GetModuleHandleA
IsDebuggerPresent
GetACP
MultiByteToWideChar
ExitProcess
TransactNamedPipe
InterlockedIncrement
InterlockedDecrement
HeapSize
LCMapStringA
LocalFileTimeToFileTime
ReadConsoleW
VirtualQuery
SetLastError
GetEnvironmentStrings
GetStdHandle
LeaveCriticalSection
TlsFree
TlsGetValue
UnhandledExceptionFilter
GetUserDefaultLCID
GetModuleFileNameW
CompareStringA
SetEnvironmentVariableA
SetConsoleTextAttribute
lstrcat
InterlockedExchange
GetEnvironmentStringsW
IsValidCodePage
GetStringTypeA
GetProcAddress
WriteConsoleOutputA
OpenSemaphoreA
QueryPerformanceCounter
FreeLibrary
HeapAlloc
GetVersionExA
IsValidLocale
GetStringTypeW
EnumSystemLocalesA
SetConsoleCtrlHandler
GetLastError
GetTickCount
RtlMoveMemory
UnlockFile
TlsAlloc
TlsSetValue
CompareStringW
HeapDestroy
GetCPInfo
GetStartupInfoA
EnterCriticalSection
FreeEnvironmentStringsA
WriteConsoleA
ResumeThread
DeleteCriticalSection
GetPrivateProfileSectionNamesA
GetLocaleInfoA
GetCurrentProcessId
LCMapStringW
SetUnhandledExceptionFilter
WritePrivateProfileStringW
GetCurrentProcess
FileTimeToDosDateTime
GetTimeZoneInformation
GetProfileStringW
GetProcessHeap
HeapFree
GetCurrentThreadId
GetCommandLineA
GetCurrentThread
GetLocaleInfoW
InitializeCriticalSection
GetThreadTimes

shell32

SHBrowseForFolder
ShellAboutW
SHGetDataFromIDListW
SHGetDataFromIDListA
RealShellExecuteExW
SHChangeNotify
SHFreeNameMappings
ExtractIconW
ExtractAssociatedIconExA

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e36e1b070b01f074421d2e27c39e8f00

Headers

File Characteristics

Imports

wininet

advapi32

comdlg32

gdi32

kernel32

shell32

Sections

.text Size: 131KB - Virtual size: 130KB

.data Size: 112KB - Virtual size: 111KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 131KB - Virtual size: 130KB

.data
Size: 112KB - Virtual size: 111KB

.rsrc
Size: 10KB - Virtual size: 10KB