41e00aba451ad5019f954aa4fb45f6bb

Sharing

Copy URL Twitter E-mail

General

Target

41e00aba451ad5019f954aa4fb45f6bb
Size

108KB
MD5

41e00aba451ad5019f954aa4fb45f6bb
SHA1

c7a1226ef67596a1750cfaab392706afe0b675e3
SHA256

7ade20d61f7362b81d11cd9893752bba6d207260dcf7fdb829e0d76448093446
SHA512

7db1435181a546405ed5d00be73e16ffbd0c1ab06e816f2569785efde2b032ea85091f6c012259589a8efddb99fdc23863b1f625796398d30a020ac53a2a91f2
SSDEEP

768:tWs4xtQhPZfLAyooelPluutqInq7MoFmZ+WqyC9wAUdXrTjoeMA9liM8lC43ZU9r:ttxhRfLQ1btqg6MoE0WlC5OsewRlDz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41e00aba451ad5019f954aa4fb45f6bb

Files

41e00aba451ad5019f954aa4fb45f6bb
.exe windows:4 windows x86 arch:x86

c22e738a7bbf9ce2a62b10dd9277b03a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertCloseStore
CertFreeCertificateContext
CertOpenSystemStoreA
CertSetCertificateContextProperty
CertCreateCertificateContext
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertAddCertificateContextToStore
CertDeleteCertificateFromStore

hid

HidD_GetHidGuid

winscard

SCardListReadersA
SCardFreeMemory
SCardEstablishContext

kernel32

GetModuleHandleA
CloseHandle
CreateProcessA
CopyFileA
DeleteFileA
GetLastError
GetProcAddress
LoadLibraryA
FreeLibrary
CreateThread
MultiByteToWideChar
GetVersionExA
ReleaseSemaphore
CreateSemaphoreA
ExitThread
SetCurrentDirectoryA
SetEndOfFile
HeapSize
GetModuleFileNameA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CreateFileA
SetStdHandle
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
SetFilePointer
VirtualQuery
InterlockedExchange
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
CompareStringA
CompareStringW
GetLocaleInfoA
ReadFile
WaitForSingleObject
ExitProcess
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
RtlUnwind
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
WideCharToMultiByte
GetTimeZoneInformation
GetFullPathNameA
GetCurrentDirectoryA
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetACP
GetOEMCP
GetCPInfo
WriteFile
FlushFileBuffers
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetEnvironmentVariableA

user32

LoadStringA
FindWindowA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostMessageA
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassExA
BeginPaint
EndPaint
UnregisterDeviceNotification
PostQuitMessage
DefWindowProcA
DestroyWindow
KillTimer
SetTimer
RegisterDeviceNotificationA

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c22e738a7bbf9ce2a62b10dd9277b03a

Headers

File Characteristics

Imports

crypt32

hid

winscard

kernel32

user32

advapi32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 79KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 79KB

.rsrc
Size: 48KB - Virtual size: 47KB