458404cc5d21002da9f4e13d013b7736

Sharing

Copy URL Twitter E-mail

General

Target

458404cc5d21002da9f4e13d013b7736
Size

436KB
MD5

458404cc5d21002da9f4e13d013b7736
SHA1

eb509d4e39c6cf8987c5dfac1cafaa996b67f5cd
SHA256

b399f6a0d497a21e85ca3dcb7bf4f8947c1c79f9ee132a0de2b649589bfb597b
SHA512

545773333db1ce7f4a1c35ec38e22ea7ee8a7861744438ef8b617c8ee78fadd9365c7eafd50f89c8c3046b3e962faf0543177a8bf192309f63a0437c745f7c76
SSDEEP

6144:buKsy2YbN8/1ZM6mxZsCDWkOc7tYSPk1KaGOjEkClRz/F4MvIF8NR1jFztJ++1lw:5TNwVCKKaGrRz/qTFKR1jFtc+r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
458404cc5d21002da9f4e13d013b7736

Files

458404cc5d21002da9f4e13d013b7736
.exe windows:4 windows x86 arch:x86

f00879092a9198b9d0628b14a254cbfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyW
RegSetValueExW
RegEnumValueA
CryptSetProvParam
CryptGetKeyParam
InitiateSystemShutdownA
CryptGetUserKey
RegCreateKeyA
RegNotifyChangeKeyValue
CryptSetProviderA
RegCloseKey
RegOpenKeyA
AbortSystemShutdownW
CryptEncrypt
RegCreateKeyExA
RegOpenKeyExA
CryptHashSessionKey
RegSetKeySecurity
ReportEventW
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
LookupSecurityDescriptorPartsW
RegEnumValueW

comdlg32

ChooseColorA
ChooseFontW
PrintDlgW
PrintDlgA
GetSaveFileNameA
FindTextW
FindTextA
ChooseFontA
GetFileTitleW
ChooseColorW
ReplaceTextW
GetOpenFileNameA
GetSaveFileNameW
GetFileTitleA
PageSetupDlgA
ReplaceTextA

wininet

InternetWriteFileExA

user32

ShowScrollBar

kernel32

ExitProcess
GetCPInfo
HeapReAlloc
TlsGetValue
GetDateFormatA
FoldStringA
TerminateProcess
SetUnhandledExceptionFilter
LeaveCriticalSection
InterlockedExchange
IsValidLocale
GetCommandLineA
LCMapStringA
HeapFree
GetOEMCP
UnhandledExceptionFilter
SetHandleCount
GetStringTypeA
GetTickCount
VirtualAlloc
GetStartupInfoA
FreeEnvironmentStringsA
SetConsoleCtrlHandler
WriteFile
GetCurrentProcessId
CompareStringA
WriteConsoleOutputCharacterA
DeleteCriticalSection
GetLastError
VirtualQuery
EnumSystemLocalesA
GetTimeFormatA
GetVersionExA
GetStdHandle
InterlockedDecrement
EnterCriticalSection
Sleep
HeapDestroy
GetModuleFileNameA
LoadLibraryA
GetACP
WideCharToMultiByte
LCMapStringW
GetProcAddress
SetLastError
GetCurrentThread
HeapSize
GetTimeZoneInformation
HeapCreate
HeapAlloc
GetEnvironmentStrings
GetCurrentThreadId
GetEnvironmentStringsW
VirtualFree
GetModuleHandleA
QueryPerformanceCounter
TlsFree
GetFileType
GetSystemTimeAsFileTime
TlsSetValue
GetCurrentProcess
InterlockedIncrement
SetEnvironmentVariableA
GetProcessHeap
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSection
CompareStringW
FreeEnvironmentStringsW
GetLocaleInfoW
IsDebuggerPresent
RtlUnwind
GlobalFlags
GetUserDefaultLCID
FreeLibrary
TlsAlloc
MultiByteToWideChar
IsValidCodePage

gdi32

StretchBlt
UpdateICMRegKeyA
GetDIBColorTable
GetCharacterPlacementA
PtInRegion
GetWinMetaFileBits
SetBoundsRect
CreatePen
GetRgnBox
GetCharWidth32A
CloseFigure
OffsetRgn
PolylineTo
GetRasterizerCaps
UnrealizeObject
GetKerningPairs
BitBlt
SetROP2
PlayEnhMetaFileRecord
GetOutlineTextMetricsA
GetMetaFileBitsEx
CreateDiscardableBitmap

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f00879092a9198b9d0628b14a254cbfb

Headers

File Characteristics

Imports

advapi32

comdlg32

wininet

user32

kernel32

gdi32

Sections

.text Size: 146KB - Virtual size: 145KB

.data Size: 279KB - Virtual size: 303KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 146KB - Virtual size: 145KB

.data
Size: 279KB - Virtual size: 303KB

.rsrc
Size: 10KB - Virtual size: 10KB