447763154131f93f909c4b1b7f3fe220

Sharing

Copy URL Twitter E-mail

General

Target

447763154131f93f909c4b1b7f3fe220
Size

404KB
MD5

447763154131f93f909c4b1b7f3fe220
SHA1

38fbf8dd3719fd3bf1f351accf887f2c77aaaa45
SHA256

f450d1f44a0615483aa52b4d2f38c27b3bda2a258d27ae8e5cabd54952a70b7e
SHA512

14ea8b9cb04a82c35be4eab7a090d1cc8f6dda72033e9aa2f3037e340bafcbb783a923e047ad0cd8540070d6426de880ea698c0db53d07b226004a4fe747fb7f
SSDEEP

6144:Qxo50MaVEVLexV+1lk7HyQndDHcvwu7TEocSoKmyqcaKYY7tV:QFMaqVLmik7td2LfEPSjPqcaQ7t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
447763154131f93f909c4b1b7f3fe220

Files

447763154131f93f909c4b1b7f3fe220
.exe windows:4 windows x86 arch:x86

9be58e25054cbd411f22844366e760fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualQuery
CreateEventA
GetTickCount
UpdateResourceA
SizeofResource
DeleteFileA
CloseHandle
ReadFile
CreateFileA
LocalAlloc
FreeResource
LockResource
LoadResource
FindResourceExA
VirtualProtect
GetLastError
GetModuleHandleW
GetProcAddress
GlobalFree
WriteFile
GlobalAlloc
UnlockFile
LockFile
SetFilePointer
LoadLibraryA
SystemTimeToFileTime
GetSystemTime
FindClose
FindNextFileA
FreeLibrary
BeginUpdateResourceA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
RtlUnwind
HeapCreate
HeapDestroy
GetStringTypeW
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
HeapAlloc
GetVersion
CreateSemaphoreA
LoadLibraryW
WaitForSingleObject
VirtualAllocEx
Sleep
VirtualAlloc
GetModuleHandleA
GetWindowsDirectoryA
GetTempFileNameA
EndUpdateResourceA
ExitProcess
GetStartupInfoA
GetCommandLineA

user32

GetDesktopWindow
GetDC
IsWindow
IsWindowVisible
DestroyIcon
CreateIconIndirect
EndDialog
DialogBoxParamA
DestroyWindow
DefWindowProcA
BeginPaint
GetClientRect
DrawTextA
EndPaint
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostQuitMessage

gdi32

CreateCompatibleBitmap
GetDIBits
GetObjectA
EnumObjects
CreatePen
CreateSolidBrush
SelectObject
Rectangle
DeleteObject
GetDeviceCaps

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bose
Size: 119KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.win
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vps
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9be58e25054cbd411f22844366e760fa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 180KB - Virtual size: 177KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 72KB - Virtual size: 71KB

.rsrc Size: 14KB - Virtual size: 14KB

.bose Size: 119KB - Virtual size: 487KB

.win Size: 1024B - Virtual size: 1024B

.vps Size: 1024B - Virtual size: 1024B

.text
Size: 180KB - Virtual size: 177KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 14KB - Virtual size: 14KB

.bose
Size: 119KB - Virtual size: 487KB

.win
Size: 1024B - Virtual size: 1024B

.vps
Size: 1024B - Virtual size: 1024B