Static task: static1
Behavioral task: behavioral1
Sample: 46dc9e431f4ec95292081e2a58155840.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 46dc9e431f4ec95292081e2a58155840.exe
Resource: win10v2004-20231215-en
General
Target: 46dc9e431f4ec95292081e2a58155840
Size: 219KB
MD5: 46dc9e431f4ec95292081e2a58155840
SHA1: e3edcdcf04165f778d7701ad57b9d98eb68d6a63
SHA256: e186821de36e256cd4022e1be714412688e176c8dd933ad28a297c3f0e1df1b5
SHA512: dfe0f2b7009bc1e7aeb5dac53c371362ab4265f1c367688a61e0f03475bb77c4fa4a6b5fae02debafe2118f262b4544ffa4011f9faa15ee899fe8d0f004603de
SSDEEP: 6144:bLMVbi1uh6EMdyWPXeGElrZgXKw8JsQO8Mf0R:Qm1oKyg/Xs
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 46dc9e431f4ec95292081e2a58155840
Files
46dc9e431f4ec95292081e2a58155840.exe windows:4 windows x86 arch:x86
52671d1692a7ac33d4b9e7dd0aff0da9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CryptGetDefaultProviderA
InitializeSecurityDescriptor
RegReplaceKeyA
CryptImportKey
CryptGenRandom
CryptEnumProviderTypesW
RegDeleteValueW
CryptContextAddRef
AbortSystemShutdownA
LogonUserW
RegQueryValueExA
CryptSetProviderW
RegDeleteValueA
CryptDestroyHash
RegEnumValueA
CryptCreateHash
CryptSetProvParam
RegQueryValueA
CryptGetHashParam
CryptVerifySignatureA
RegLoadKeyA
RegOpenKeyA
RevertToSelf
LookupPrivilegeNameW
shell32
SHLoadInProc
ShellExecuteEx
InternalExtractIconListA
CheckEscapesA
RealShellExecuteExA
ShellHookProc
SHGetMalloc
SHInvokePrinterCommandA
SHBrowseForFolderA
SHInvokePrinterCommandW
ExtractIconResInfoW
RealShellExecuteA
ShellExecuteW
SheFullPathA
DoEnvironmentSubstA
SheGetDirA
FindExecutableA
InternalExtractIconListW
ExtractIconExA
SHGetSpecialFolderLocation
SheSetCurDrive
SheChangeDirW
SheShortenPathA
SHEmptyRecycleBinA
SHQueryRecycleBinA
RealShellExecuteExW
SHEmptyRecycleBinW
SHFileOperation
DragQueryFileW
SHGetDiskFreeSpaceA
SHGetPathFromIDListW
ShellExecuteA
SHGetSettings
ShellExecuteExW
SheGetCurDrive
SHFreeNameMappings
SheGetDirExW
ExtractVersionResource16W
ExtractAssociatedIconExA
SheGetDirW
ShellAboutA
SHGetDesktopFolder
DragAcceptFiles
ShellExecuteExA
ExtractAssociatedIconA
FindExecutableW
SHGetPathFromIDList
SHFormatDrive
SHFileOperationW
SHGetInstanceExplorer
SHQueryRecycleBinW
ExtractIconEx
DuplicateIcon
SHFileOperationA
FreeIconList
SHGetFileInfoW
SheRemoveQuotesW
SHGetPathFromIDListA
ExtractAssociatedIconW
SHGetSpecialFolderPathW
SHGetDataFromIDListA
ExtractIconExW
CheckEscapesW
SHGetFileInfo
SheChangeDirExA
SHGetFileInfoA
DragFinish
SHBrowseForFolder
SheRemoveQuotesA
SheChangeDirA
ExtractIconResInfoA
ExtractIconA
SHGetSpecialFolderPathA
FindExeDlgProc
ShellAboutW
ExtractAssociatedIconExW
wsock32
__WSAFDIsSet
select
ord1130
ord1116
ord1111
getprotobynumber
ord1108
connect
ord1119
ord1118
recv
ord1000
getsockopt
WSAAsyncGetProtoByNumber
ord1142
gethostbyaddr
setsockopt
ord1103
getprotobyname
WSAUnhookBlockingHook
ord1112
getservbyport
WSAIsBlocking
ord1115
ord1110
WSASetBlockingHook
closesocket
bind
inet_ntoa
WSACancelBlockingCall
ord1101
gethostname
ord1100
recvfrom
ord1114
WSAAsyncGetHostByName
ntohl
gethostbyname
sendto
ord1107
WEP
ord1140
ord1141
WSACleanup
ord1104
socket
send
htonl
accept
htons
getsockname
WSAGetLastError
ord1113
ord1120
ord1105
inet_addr
WSASetLastError
WSACancelAsyncRequest
WSAAsyncGetServByName
ntohs
ord1102
WSAAsyncGetServByPort
ioctlsocket
ord1106
WSAAsyncSelect
WSAAsyncGetHostByAddr
getservbyname
shutdown
ord1117
WSAAsyncGetProtoByName
ord1109
listen
getpeername
Sections
.text Size: 129KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE