4658d79cd520fb5db145b5fe1af61b07

General

Target

4658d79cd520fb5db145b5fe1af61b07
Size

68KB
MD5

4658d79cd520fb5db145b5fe1af61b07
SHA1

4688f9085ae9e803662e0531380bd89e4381746a
SHA256

42fa04be49715535fd6345ceb2efcf319b7c049ed7b8ab69ddeb96a3169b5387
SHA512

5e19cab997250ee5f34c5fa2d737d12fb49f839e4083309901424a90f45ed993a4c35bdb2d6eee9459fe884d3e1be3cbc96a97d66bf7dde21937bccafef540fd
SSDEEP

768:iSIEn30rDjpI+2eR4k5v7BEeGYFbbTmzruxhGdt4bOLSRUs7kTBCx:EJrDjpv4kBEeGYF0MUdt4lRUuWBs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4658d79cd520fb5db145b5fe1af61b07

Files

4658d79cd520fb5db145b5fe1af61b07
.exe windows:4 windows x86 arch:x86

ea5a4e0386f1d87a46f84b6674adef21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetTickCount
SetCurrentDirectoryW
GetSystemTime
WideCharToMultiByte
DeleteFileW
LockResource
TerminateThread
CreateThread
LoadLibraryA
FreeLibrary
ReadProcessMemory
InterlockedIncrement
ResetEvent
QueryDosDeviceW
WritePrivateProfileStringW
MulDiv
GetLastError
MoveFileW
GetFileAttributesW
lstrcpyW
ReadFile
GlobalAddAtomW
SetEvent
GlobalUnlock
FindNextFileW
CreateWaitableTimerW
ResumeThread
GetProcAddress
InterlockedDecrement
GetLocalTime
GetFileSize
WaitForSingleObject
GetCurrentProcess

user32

SendDlgItemMessageW
GetWindowTextW
DestroyMenu
EndDialog
TrackPopupMenu
GetWindowDC
UpdateWindow
PostThreadMessageW
ReleaseCapture
WindowFromPoint
wsprintfW
SetLayeredWindowAttributes
RegisterClassExW
GetKeyState
DialogBoxParamW
GetParent
PostQuitMessage
SetCursor
SetWindowTextW
SystemParametersInfoW
IsDlgButtonChecked
GetWindowRect
SendMessageW

gdi32

DeleteObject
SetMapMode
DPtoLP
StretchBlt
SetBkColor
GetMapMode
SetDIBits
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
CreateBitmap

advapi32

RegQueryValueExW
LookupAccountSidW
GetUserNameW

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ea5a4e0386f1d87a46f84b6674adef21

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB