4323283dc0d2610253dfaa34daa782ae

Sharing

Copy URL Twitter E-mail

General

Target

4323283dc0d2610253dfaa34daa782ae
Size

560KB
MD5

4323283dc0d2610253dfaa34daa782ae
SHA1

1945a881f4ada3ccb795237b6a87f48b6135938d
SHA256

971be7b858005c71ff909717c4d8a2aea115c4d22c2fb8eca0f29313577cbb2e
SHA512

20cd3de20883a6c65e344d5444d00e7f28f3c9f979fc842300ecbf8ca1ea3dbd8e487d310e318cf8b1e421f10a196a88acdac3c33f51dcce0a3088b936c9910c
SSDEEP

12288:TLapykKCGo7OodXKaF7s7+m3+EdjiUn2CA:TLGykKu7OodrQ7Z35iXv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4323283dc0d2610253dfaa34daa782ae

Files

4323283dc0d2610253dfaa34daa782ae
.exe windows:4 windows x86 arch:x86

786ce39e41eef1919e82fb7094ff51f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
DefWindowProcW
ShowWindowAsync
EndTask
GetMenuDefaultItem
ReleaseDC
MapDialogRect
MapWindowPoints
GetCursorInfo
DestroyWindow
SetWindowRgn
CreateWindowExW
ShowWindow
BlockInput
FindWindowA
MessageBoxW
CharUpperBuffW
ExcludeUpdateRgn
RegisterClassA
CheckMenuItem
GetWindowDC
VkKeyScanExA
GetClipboardViewer
CreateMDIWindowW

shell32

ShellExecuteEx
SHGetDesktopFolder
SHBrowseForFolderA

comctl32

InitCommonControlsEx
ImageList_DragLeave
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_SetBkColor
CreatePropertySheetPageA
CreatePropertySheetPageW

comdlg32

ReplaceTextW
PageSetupDlgW
ChooseFontA

kernel32

HeapAlloc
GetCurrentThreadId
WriteFile
CloseHandle
SetHandleCount
ReadFile
CreateRemoteThread
SetEnvironmentVariableA
SetConsoleCursorInfo
GetProcAddress
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedCompareExchange
CompareStringW
GetLocaleInfoA
lstrcpyA
SetConsoleOutputCP
GetConsoleMode
WritePrivateProfileStructW
GetModuleFileNameA
GetUserDefaultLCID
InterlockedDecrement
FoldStringA
SetFilePointer
WideCharToMultiByte
CompareStringA
GetUserDefaultLangID
VirtualAlloc
EnumCalendarInfoExA
GetFileTime
HeapFree
MapViewOfFileEx
SetUnhandledExceptionFilter
GetPrivateProfileSectionNamesW
EnumCalendarInfoExW
MoveFileExA
GetFileType
LoadLibraryA
InterlockedExchange
GlobalFindAtomW
GetEnvironmentStrings
TlsGetValue
RtlUnwind
DeleteAtom
FindAtomW
RemoveDirectoryA
GetACP
GetProfileSectionW
GetStdHandle
GetLastError
WritePrivateProfileStringA
Sleep
lstrcmpA
GetEnvironmentStringsW
GetProfileIntW
GetProcAddress
GetCurrentProcessId
OpenWaitableTimerW
InterlockedIncrement
FlushFileBuffers
GetStringTypeA
SetConsoleCtrlHandler
TerminateProcess
lstrcmpi
LockFile
UnhandledExceptionFilter
WritePrivateProfileSectionA
OpenMutexA
IsDebuggerPresent
WritePrivateProfileStringW
WriteConsoleOutputAttribute
RaiseException
SetLastError
SetTimeZoneInformation
GetStartupInfoA
HeapCreate
CreateMutexA
EnumSystemCodePagesW
GetProcessHeap
WriteConsoleOutputW
InitializeCriticalSection
MultiByteToWideChar
CreateFileA
GetVersionExA
GetTimeZoneInformation
EnterCriticalSection
GetLocaleInfoW
FreeEnvironmentStringsA
LCMapStringA
DeleteCriticalSection
GlobalHandle
EnumSystemLocalesA
GetStringTypeW
AddAtomA
LeaveCriticalSection
IsValidCodePage
TlsAlloc
LoadResource
GetTempFileNameW
TlsFree
SetStdHandle
HeapSize
GetDateFormatA
HeapLock
WriteConsoleW
EnumCalendarInfoA
GetCPInfo
GetCommandLineA
CreateDirectoryW
FreeLibrary
GetConsoleOutputCP
TlsSetValue
GetTickCount
LocalLock
GetTimeFormatA
GetCurrentProcess
GetConsoleCP
CreateWaitableTimerA
FreeEnvironmentStringsW
GetModuleHandleA
GetStringTypeExA
WriteConsoleA
ReadFileEx
GetCurrentThread
VirtualQuery
GetOEMCP
IsValidLocale
VirtualFree
HeapDestroy
QueryPerformanceCounter
ExitProcess
GetCurrencyFormatW
LCMapStringW
GetFullPathNameW

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

786ce39e41eef1919e82fb7094ff51f4

Headers

File Characteristics

Imports

user32

shell32

comctl32

comdlg32

kernel32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 108KB - Virtual size: 136KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 108KB - Virtual size: 136KB

.rsrc
Size: 20KB - Virtual size: 18KB