4380fed4f0cf45ac1790b1dfce7e3d89

Sharing

Copy URL Twitter E-mail

General

Target

4380fed4f0cf45ac1790b1dfce7e3d89
Size

2.6MB
MD5

4380fed4f0cf45ac1790b1dfce7e3d89
SHA1

01de2365408297e494a85bb62104b2988177fda7
SHA256

8ea1e5361b2438871305c936e3a3c32bb003dd33568ff3e0ed722e0df8465ece
SHA512

9e9e007793f37091fa6bdbb3408976d72142d51895648fac8562a9ff10f65c4a14e26987185d4b91e473401dea7f01d7827c4f43eff2d63e132e8e555b08454d
SSDEEP

49152:Xs+GiS/PJKYJaiE2vIiWust5omefuSE+u:3G7w+3IiWuIoQt+u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4380fed4f0cf45ac1790b1dfce7e3d89

Files

4380fed4f0cf45ac1790b1dfce7e3d89
.exe windows:4 windows x86 arch:x86

36915968d154047fc0eb11c81e6bfa59

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegEnumValueW
RegDeleteKeyA
RegQueryInfoKeyA
RegQueryInfoKeyW
RegFlushKey
RegDeleteValueW
RegOpenKeyA
RegEnumKeyA
RegLoadKeyW
RegOpenKeyExA
RegDeleteKeyW
RegEnumKeyW
RegQueryValueA
RegCreateKeyExW
RegEnumValueA
RegEnumKeyExW
RegQueryValueW
RegOpenKeyA
RegQueryValueExW
RegQueryValueA
RegDeleteValueA
RegDeleteValueW
RegEnumKeyW
RegFlushKey
RegEnumKeyExA
RegEnumValueW
RegLoadKeyW
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyW
RegOpenKeyExA
RegLoadKeyA
RegReplaceKeyW
RegReplaceKeyW
RegDeleteKeyW
RegOpenKeyExW
RegLoadKeyW
RegEnumKeyExA
RegCreateKeyExW
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueW
RegQueryValueA
RegOpenKeyA
RegEnumValueA
RegQueryValueExW
RegEnumKeyA
RegGetKeySecurity
RegEnumKeyW
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyW
RegReplaceKeyA
RegQueryInfoKeyA

comctl32

ImageList_LoadImageW
ImageList_DragMove
ImageList_GetIcon
ImageList_LoadImageA
ImageList_GetImageInfo
ImageList_Draw
ImageList_Copy
ImageList_AddIcon
ImageList_DragLeave
ImageList_DragEnter
ImageList_GetIconSize
ImageList_DrawEx
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Remove
ImageList_EndDrag
ImageList_Destroy
ImageList_DragShowNolock
ImageList_GetImageCount
ImageList_GetImageRect
ImageList_GetDragImage
ImageList_BeginDrag
ImageList_Replace

user32

GetWindowTextA
AppendMenuW
GetFocus
GetDlgItem
DrawIconEx
GetCursor
IsMenu
CopyIcon
DrawIcon
DrawTextA
CopyRect
GetDC
CopyImage
GetWindowTextLengthA
AppendMenuA

kernel32

GetStdHandle
ExitThread
GlobalFree
CopyFileExW
GetComputerNameA
GetConsoleMode
CopyFileA
CopyFileW
SetLastError
DeleteAtom
WriteFile
GetFileSize
FindFirstFileA
FindAtomA
ReadConsoleW
DeleteFileW
GetCPInfo
ReadFile
OpenFile
GetCommandLineA
CreateDirectoryA
Sleep

Sections

CODE
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.oYjiqN
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lMqjtt
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdata
Size: 2.3MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OyehPn
Size: 4KB - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36915968d154047fc0eb11c81e6bfa59

Headers

File Characteristics

Imports

advapi32

comctl32

user32

kernel32

Sections

CODE Size: 260KB - Virtual size: 259KB

.oYjiqN Size: 8KB - Virtual size: 6KB

.fdata Size: 8KB - Virtual size: 4KB

.lMqjtt Size: 4KB - Virtual size: 1KB

.sdata Size: 2.3MB - Virtual size: 6.1MB

.OyehPn Size: 4KB - Virtual size: 171B

.rdata Size: 4KB - Virtual size: 24B

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 4KB

CODE
Size: 260KB - Virtual size: 259KB

.oYjiqN
Size: 8KB - Virtual size: 6KB

.fdata
Size: 8KB - Virtual size: 4KB

.lMqjtt
Size: 4KB - Virtual size: 1KB

.sdata
Size: 2.3MB - Virtual size: 6.1MB

.OyehPn
Size: 4KB - Virtual size: 171B

.rdata
Size: 4KB - Virtual size: 24B

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 4KB