4484fc7ace9513ec42fee51a84f149bb

General

Target

4484fc7ace9513ec42fee51a84f149bb
Size

17KB
MD5

4484fc7ace9513ec42fee51a84f149bb
SHA1

908fa5ea50bbf8a15ed6729b524ae64b173ec104
SHA256

e7dcac5a01cf40b40c0dbbe5aa2ca59234730a94cf4aee6ee53760002c552f24
SHA512

5b5556e7840de442e813df8adb10e3c5e20c1777fb1ccd62e00750a1769dcdcf9a1d40290775ebfc22816addf537e5e036b681c83bb4720e4f95abef7559f07e
SSDEEP

96:feNbjib0BHWrk1ERENy50GuRwN2m6GzQUSA/qxIENgkhy4EA7vJJ2D+zEQZDeBgK:f8tmE85pF2m6AQUOxIEikQ+7DlE68

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4484fc7ace9513ec42fee51a84f149bb

Files

4484fc7ace9513ec42fee51a84f149bb
.exe windows:5 windows x86 arch:x86

bb7153d2d9e3c43a71de41f7cc66e439

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
SetHandleInformation
GetVersionExA
lstrlenW
MoveFileA
Sleep
GetModuleFileNameA
GetShortPathNameA
WriteFile
GetSystemTimeAsFileTime
GetCurrentThreadId
SizeofResource
FindResourceA
GetProcAddress
lstrcpynA
GetTickCount
LoadLibraryExA
LeaveCriticalSection
lstrcatA
GetSystemDefaultLangID
EnterCriticalSection
CloseHandle
ExitProcess
VirtualQuery
MultiByteToWideChar
DeleteFileA
RaiseException
QueryPerformanceCounter
LockFileEx
ReadFile
lstrcmpiA
CreateFileA
WideCharToMultiByte
IsDBCSLeadByte
lstrlenA
GetCurrentProcessId
GetStartupInfoA
LockResource
GetLocaleInfoA
GetModuleHandleA
CreateProcessA
InitializeCriticalSection
InterlockedIncrement
CreatePipe
GetACP
SetFileAttributesA
GetThreadLocale
LoadResource
InterlockedExchange
GetSystemDirectoryA
OutputDebugStringA
GetLastError
DeleteCriticalSection
InterlockedDecrement

user32

MessageBoxA
LoadStringA
wsprintfA
CharNextA

advapi32

RegQueryValueExA
RegCloseKey
OpenProcessToken
RegOpenKeyExA
LookupPrivilegeValueA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdkg
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 139KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb7153d2d9e3c43a71de41f7cc66e439

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 118KB

.gdkg Size: 3KB - Virtual size: 3KB

.edata Size: 139KB - Virtual size: 263KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 118KB

.gdkg
Size: 3KB - Virtual size: 3KB

.edata
Size: 139KB - Virtual size: 263KB