4305acd936b51a8a78e7bc7dd159adf3

Sharing

Copy URL Twitter E-mail

General

Target

4305acd936b51a8a78e7bc7dd159adf3
Size

153KB
MD5

4305acd936b51a8a78e7bc7dd159adf3
SHA1

3328095c0e1bf37a5ac2ab513e5895f4865bd255
SHA256

4db37d7597c707dc1b2680695dcc4dd932c83ebd18f65de76b6fc32ea2153ea6
SHA512

b0d770a826a11be25f6f3e1030ca083052449d5790b85f5442cc8f3b35d7eb24cd779e1fe66c6ce8ef468c13a0fa32f05c662d2d15628681d15d4fccb9cad5c9
SSDEEP

3072:dhy7LkM9Kl+8PGDeUY7EM2tHO9FFXtm1IrYHA3yGN0C/00OG:dh2kM8M8PGDeUY7Ehtu9FO1I3CGma00/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4305acd936b51a8a78e7bc7dd159adf3

Files

4305acd936b51a8a78e7bc7dd159adf3
.exe windows:4 windows x86 arch:x86

c5a4b212662940432675ce98c68b7071

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
CreateFileA
SearchPathW
ExitProcess
IsDebuggerPresent
GetDateFormatW
GetLocaleInfoA
GetLastError
CreateMailslotA
CopyFileExW
DosDateTimeToFileTime
GetProcessHeaps
CompareFileTime
GetStartupInfoW
FatalAppExitA
GetTimeFormatW
VirtualAlloc
GetCPInfo
lstrcatW
SetThreadPriority
GetNumberFormatA
ExitThread

user32

GetCapture
GetDlgItem
DeleteMenu
CreateDialogIndirectParamA
GetClassInfoW
CopyImage
CheckMenuItem
PostMessageA
ClientToScreen
ShowCaret
LoadBitmapA
GetMenuStringW
GetDC
DialogBoxIndirectParamW
CreateDesktopA
FrameRect
MessageBoxA
LoadImageW
CallWindowProcW
GetActiveWindow
MessageBoxIndirectA
UnregisterClassW
InsertMenuItemA
IsWindowEnabled
PostMessageW
SendDlgItemMessageW
GetWindowRgn
DefFrameProcW
ShowCursor
LoadMenuIndirectW
CheckMenuRadioItem
GetCapture
FlashWindow
GetWindowTextLengthW
CreatePopupMenu
DialogBoxParamA
AdjustWindowRect
EnumWindows
DrawTextA

gdi32

RemoveFontResourceExW
GetCharABCWidthsA
SelectClipRgn
ColorCorrectPalette
ResizePalette
CreateFontIndirectA
GetPixelFormat
GetEnhMetaFileW
RectInRegion
DeleteDC
GetCharABCWidthsFloatA
GetTextExtentExPointA
PolyBezier
IntersectClipRect
SetICMProfileA
EnumFontFamiliesW
DeleteMetaFile
CreateEllipticRgn

advapi32

RegOpenKeyExW
RegDeleteValueW
RegOpenKeyExW
RegCreateKeyExA
RegRestoreKeyW
RegEnumValueW
RegQueryInfoKeyA

shell32

SHGetFileInfoA

setupapi

SetupQueueRenameSectionW
SetupLogFileW
SetupAddToDiskSpaceListA
SetupRemoveSectionFromDiskSpaceListA
SetupDiSetClassRegistryPropertyA
CM_Get_HW_Prof_FlagsA
SetupInstallFileW
SetupDeleteErrorA
SetupQueueCopySectionA
pSetupEnablePrivilege

oledlg

OleUIBusyA
OleUIConvertA
OleUIObjectPropertiesA

wsock32

GetAddressByNameW
send
GetTypeByNameW
GetNameByTypeA
WSACancelAsyncRequest
recvfrom
rcmd
getsockopt

crypt32

I_CryptAddSmartCardCertToStore
CryptCloseAsyncHandle
CertEnumCTLsInStore
CertSetCertificateContextProperty
CertCompareCertificate
CryptSignCertificate
CryptGetMessageSignerCount
CryptHashToBeSigned
I_CryptUninstallOssGlobal

Sections

.+gb%+
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.z0mf9#
Size: 512B - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.%EyJ=
Size: 1024B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nv1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0Y-
Size: 2KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WI
Size: 2KB - Virtual size: 742B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pCs-
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2E+G&
Size: 3KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5a4b212662940432675ce98c68b7071

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

setupapi

oledlg

wsock32

crypt32

Sections

.+gb%+ Size: 11KB - Virtual size: 11KB

.z0mf9# Size: 512B - Virtual size: 38KB

.%EyJ= Size: 1024B - Virtual size: 11KB

.nv1 Size: 4KB - Virtual size: 3KB

.0Y- Size: 2KB - Virtual size: 45KB

.WI Size: 2KB - Virtual size: 742B

.pCs- Size: 1KB - Virtual size: 19KB

.2E+G& Size: 3KB - Virtual size: 45KB

.rsrc Size: 119KB - Virtual size: 119KB

.reloc Size: 1024B - Virtual size: 648B

.+gb%+
Size: 11KB - Virtual size: 11KB

.z0mf9#
Size: 512B - Virtual size: 38KB

.%EyJ=
Size: 1024B - Virtual size: 11KB

.nv1
Size: 4KB - Virtual size: 3KB

.0Y-
Size: 2KB - Virtual size: 45KB

.WI
Size: 2KB - Virtual size: 742B

.pCs-
Size: 1KB - Virtual size: 19KB

.2E+G&
Size: 3KB - Virtual size: 45KB

.rsrc
Size: 119KB - Virtual size: 119KB

.reloc
Size: 1024B - Virtual size: 648B