450d8105cb806dad52785e9c894ecd06

Sharing

Copy URL

Twitter E-mail

General

Target

450d8105cb806dad52785e9c894ecd06
Size

681KB
MD5

450d8105cb806dad52785e9c894ecd06
SHA1

5a220f31449c1224846840b34fd7d0a4eb9b1ff5
SHA256

b3661caa8ee47f54ac59e562e4bba4f7091b6c9e17e49a34b9879c86c846058b
SHA512

76daaad15861a3e3e1c5286ccdc9833287c8b7eb3cfbe47b8d5d642a2d237742e2cd398e179713de99ba2add24c77feae1eac8de81a64d34d6b895f1e0596d2e
SSDEEP

3072:ddEtEM9EuOmGsj2BAnNSMZ4s0zlYQj8e:d0xGhBAnNS4b0zqO8e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
450d8105cb806dad52785e9c894ecd06

Files

450d8105cb806dad52785e9c894ecd06
.exe windows:4 windows x86 arch:x86

19af72cf6a4a087ed8fc6fa95c0de22f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetVersion
Process32Next
CloseHandle
GetWindowsDirectoryA
WriteProcessMemory
LoadLibraryA
FileTimeToLocalFileTime
CreateDirectoryW
GetModuleFileNameA
Process32First
GetCurrentProcess
GetSystemDirectoryA
GetModuleHandleA
CreateToolhelp32Snapshot
CreateRemoteThread
ExitProcess
ReadProcessMemory
CreateProcessA
OpenProcess
WaitForSingleObject
GetModuleFileNameA
GetDriveTypeW
LoadModule
GetProcessTimes
GetProcAddress
PeekNamedPipe

user32

UpdateWindow
TranslateMessage
CopyIcon
DefWindowProcA
GetMessageA
RegisterClassExA
GetNextDlgTabItem
CharToOemA
DispatchMessageA
DdeGetLastError
CreateWindowExA
ShowWindow

advapi32

GetTokenInformation
GetTraceEnableLevel
StartServiceA
RegSaveKeyW
CryptGetHashParam
EnumDependentServicesA
RegConnectRegistryA
RegNotifyChangeKeyValue
DestroyPrivateObjectSecurity
RegEnumValueW
DuplicateTokenEx
CryptVerifySignatureA
GetNamedSecurityInfoA
CryptExportKey
CryptDecrypt
RegEnumValueA
OpenEventLogW
RegisterServiceCtrlHandlerA
RegOpenKeyA
CryptHashSessionKey
RegCreateKeyExA
RegSetValueW

shell32

SHGetPathFromIDListW
ExtractAssociatedIconW
DllUnregisterServer
ExtractIconW
SHHelpShortcuts_RunDLL
DoEnvironmentSubstA
SHLoadNonloadedIconOverlayIdentifiers
StrStrIA
SHGetDiskFreeSpaceExW
Control_RunDLLW
SHExtractIconsW
DllInstall
SHBrowseForFolderW
SHGetSpecialFolderPathA
ExtractAssociatedIconExA
CommandLineToArgvW
SHGetMalloc
RealShellExecuteExA
SHGetNewLinkInfo
ShellExec_RunDLLW
StrRChrW

gdi32

CreateEllipticRgn
GetMetaFileBitsEx
GetEnhMetaFileHeader
ResizePalette
SetTextCharacterExtra
CreateRectRgnIndirect
GetViewportExtEx
SetMiterLimit
SetColorAdjustment
GetCharWidthW
GetSystemPaletteUse
GetCharacterPlacementA
CopyMetaFileW
IntersectClipRect
WidenPath
CloseFigure
CreateDCA
GetFontData
CreateMetaFileA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 460KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oli
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

19af72cf6a4a087ed8fc6fa95c0de22f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

gdi32

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 460KB - Virtual size: 460KB

.idata Size: 88KB - Virtual size: 88KB

.rdata Size: 4KB - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 4KB

.adata Size: 4KB - Virtual size: 4KB

.oli Size: - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 460KB - Virtual size: 460KB

.idata
Size: 88KB - Virtual size: 88KB

.rdata
Size: 4KB - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 4KB

.adata
Size: 4KB - Virtual size: 4KB

.oli
Size: - Virtual size: 4KB