442c4866bbfb8924d6a1c09044ecb5ea

Sharing

Copy URL Twitter E-mail

General

Target

442c4866bbfb8924d6a1c09044ecb5ea
Size

82KB
MD5

442c4866bbfb8924d6a1c09044ecb5ea
SHA1

e6d1d0693a9da40fab19cb98d49101d2b788b4e9
SHA256

cb6a33e1f6864bd95302dd2dcd4b4f7432c3342a1077ea2db57ceda08d837059
SHA512

3af8b2b255c1bf406842016ff266d221cc1f71bdabca30d7207d3b1993fb72af3b91571605c893b0b752954ed36e8964d6d35e82649952c8e0a3d538fe08e5f2
SSDEEP

1536:igH7V+EwtT2qzEkdmM2Xs4UWkgf4SqOgUrxrkwbP/Cq+9/VvS:1pwYq4kdP2NUDSg8Rb6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
442c4866bbfb8924d6a1c09044ecb5ea

Files

442c4866bbfb8924d6a1c09044ecb5ea
.exe windows:4 windows x86 arch:x86

09b7e4e15a19b382be54e915fa6bb3c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalAlloc
LockResource
GetCommandLineA
LoadResource
FindResourceA
GlobalFree
GlobalUnlock
lstrcpyA
LoadLibraryA
GetExitCodeThread
WinExec
GetPrivateProfileStringA
TerminateProcess
OpenProcess
GetPrivateProfileIntA
GetWindowsDirectoryA
GetCommConfig
GetCommProperties
CloseHandle
FreeLibrary
GetProcAddress
HeapReAlloc
FreeEnvironmentStringsW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetFilePointer
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetLastError
WriteFile
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
HeapFree
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
VirtualAlloc
SetStdHandle
Sleep
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
ExitProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc

user32

DestroyWindow
MessageBoxA
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
GetActiveWindow
IsDlgButtonChecked
GetDlgItem
EnableWindow
GetDlgItemTextA
GetWindowThreadProcessId
SetWindowTextA
SetDlgItemTextA
GetWindow
GetWindowTextA
KillTimer
ShowWindow
SetTimer
PostMessageA
InvalidateRect
DefWindowProcA
BeginPaint
GetClientRect
DrawTextA
EndPaint
PostQuitMessage
DialogBoxParamA
LoadIconA
LoadCursorA
RegisterClassExA
GetSystemMetrics
CreateWindowExA
GetSystemMenu
DeleteMenu
ModifyMenuA
SendMessageA
EndDialog

gdi32

GetStockObject

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

rasapi32

RasGetErrorStringA
RasDialA
RasHangUpA
RasEnumConnectionsA

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09b7e4e15a19b382be54e915fa6bb3c1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

rasapi32

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 44KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 44KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 22KB - Virtual size: 22KB