45b4702137fda6ace4271b28e18a4729

Sharing

Copy URL Twitter E-mail

General

Target

45b4702137fda6ace4271b28e18a4729
Size

420KB
MD5

45b4702137fda6ace4271b28e18a4729
SHA1

2f4e6aa7802a9e58006a943989be1fa6e06be5e9
SHA256

e781201616451b2b81ef2048f3d65014141a671b277896179b91d20b932332ca
SHA512

f428487ffdc834766f16d2c27ee1cd9ab951ff31a14eb516bb85e565fe41b2cf6884d5f7c43a723207fb41c83936da65c756d4068af6416dee412682ac280110
SSDEEP

6144:bJZa5zTOvLud4vcJojH25p68Hlovf4zC0/ZH66FsLOgOn+028E:uUqdh6H276gEWCUZGLOgi+028E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45b4702137fda6ace4271b28e18a4729

Files

45b4702137fda6ace4271b28e18a4729
.exe windows:4 windows x86 arch:x86

6f476be2004bd85f05f54664f0bbf78a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeCreateDataHandle
SetMessageQueue
SetMenu
TabbedTextOutW
PostQuitMessage
ArrangeIconicWindows
MapWindowPoints
PostThreadMessageA
GetGUIThreadInfo
CreatePopupMenu
GetClipboardFormatNameW
CloseDesktop
ShowOwnedPopups
GetPropA
GetClipCursor
TranslateAcceleratorW
EnumDesktopsA
IntersectRect
InvalidateRect
MessageBeep
DefWindowProcW
CharUpperA
SetShellWindow
LoadIconW
SendMessageTimeoutA

gdi32

GetICMProfileW
GetColorAdjustment
ChoosePixelFormat
GetBitmapDimensionEx
DeleteDC
SetTextColor
SetLayout
CreateRoundRectRgn
RealizePalette
GetCurrentPositionEx
GetObjectA
GetDeviceGammaRamp

wininet

FindCloseUrlCache
FindNextUrlCacheEntryExW
InternetQueryOptionW
UnlockUrlCacheEntryFileW
InternetAutodialHangup
DeleteUrlCacheGroup

comdlg32

PrintDlgW
GetOpenFileNameW
ChooseFontW
ReplaceTextW
ChooseColorA
FindTextW
ReplaceTextA
GetFileTitleW
GetSaveFileNameA

kernel32

VirtualFreeEx
QueryPerformanceCounter
IsBadWritePtr
VirtualFree
WriteConsoleOutputCharacterA
HeapAlloc
MultiByteToWideChar
GetConsoleMode
LoadLibraryA
GetTickCount
InterlockedExchange
RtlUnwind
EnumDateFormatsExW
CreateFileA
IsBadReadPtr
GetStdHandle
GetEnvironmentStrings
GetLastError
SetConsoleTitleA
GetCurrentProcess
GetVersion
GetCurrentProcessId
ResetEvent
FreeEnvironmentStringsA
EnterCriticalSection
GetProcAddress
FoldStringA
InitializeCriticalSection
GetCommandLineW
GetModuleFileNameA
GetCommandLineA
GetAtomNameA
GetStartupInfoW
VirtualAlloc
TlsGetValue
FreeEnvironmentStringsW
GetCurrentThreadId
DeleteCriticalSection
HeapFree
SetHandleCount
UnhandledExceptionFilter
HeapReAlloc
GetEnvironmentStringsW
TerminateProcess
TlsAlloc
GetCurrentThread
LoadLibraryExW
WaitNamedPipeA
SetEnvironmentVariableW
GetStartupInfoA
HeapDestroy
GetModuleFileNameW
HeapCreate
TlsSetValue
WriteConsoleInputW
GetModuleHandleA
FileTimeToSystemTime
SetLastError
FindResourceExW
FindFirstFileA
VirtualQuery
EnumSystemLocalesA
LeaveCriticalSection
WriteFile
ExitProcess
SetEnvironmentVariableA
GetFileType
CreateFileMappingA
TlsFree
OpenWaitableTimerA
GlobalGetAtomNameA
GetSystemTimeAsFileTime

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f476be2004bd85f05f54664f0bbf78a

Headers

File Characteristics

Imports

user32

gdi32

wininet

comdlg32

kernel32

Sections

.text Size: 147KB - Virtual size: 147KB

.data Size: 267KB - Virtual size: 267KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 147KB - Virtual size: 147KB

.data
Size: 267KB - Virtual size: 267KB

.rsrc
Size: 4KB - Virtual size: 3KB