46ece978af4203171146960322c0e33c

Sharing

Copy URL Twitter E-mail

General

Target

46ece978af4203171146960322c0e33c
Size

85KB
MD5

46ece978af4203171146960322c0e33c
SHA1

841fa0800bf82e4e83d0e134d8a5c9386d228909
SHA256

06b799ae1817fa86a53079ad8f558d146ece1141070183a5f941889813f8f1bd
SHA512

9c2c0c7717b8a41a99c14da420db2881aa8ca772728485f4e5b1e20636df19e3492f857c92f635f0b823f4e6ac7bb6f3e35b2ff2e4c7dbfc279d85838ceb2383
SSDEEP

1536:WNPOTecZ/fBnltqxhdvjWCOVsCeG6bVC2gc1c1ysCaPvyPWCiADDIwzNtV0wKJeT:WNWlZ/Jnjqdvj7OUVC2gQceasWMDswzt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46ece978af4203171146960322c0e33c

Files

46ece978af4203171146960322c0e33c
.exe windows:4 windows x86 arch:x86

3eed746572bfedfee0e0c4517bd71a0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

gdiplus

GdipCloneImage
GdipDisposeImage
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdipCreateBitmapFromFile
GdipAlloc
GdipFree
GdiplusStartup
GdipCreateBitmapFromFileICM

netapi32

NetUserEnum
NetWkstaUserGetInfo
NetUserAdd
NetUserDel
NetLocalGroupAddMembers
NetApiBufferFree
NetUserGetLocalGroups
NetGetJoinInformation

wtsapi32

WTSUnRegisterSessionNotification
WTSFreeMemory
WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSRegisterSessionNotification

shlwapi

UrlCanonicalizeW
UrlApplySchemeW
PathCombineW
UrlGetPartW
UrlCombineW
PathAppendW

crypt32

CryptUnprotectData
CryptProtectData

shell32

CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
FindExecutableW
SHAppBarMessage
Shell_NotifyIconW
ShellExecuteExW

secur32

GetUserNameExW

kernel32

GlobalAlloc
lstrlenW
LeaveCriticalSection
HeapSize
InterlockedIncrement
GetTickCount
MulDiv
HeapSetInformation
GetSystemTimeAsFileTime
CloseHandle
GetLocaleInfoA
ResetEvent
GetProcessHeap
UnhandledExceptionFilter
InitializeCriticalSection
GetCurrentThreadId
LoadResource
SetLastError
VirtualAlloc
SizeofResource
GlobalUnlock
GetLocaleInfoW
GetProcAddress
GetLastError
GetCurrentProcess
LocalAlloc
FlushInstructionCache
GetProcessVersion
CreateMutexW
LoadLibraryExW
RaiseException
LCMapStringW
VirtualLock
GetProcessId
GetTempPathW
GetComputerNameW
VirtualUnlock
EnterCriticalSection
GetModuleFileNameW
ExitProcess
HeapReAlloc
IsDebuggerPresent
LockResource
WaitForMultipleObjects
IsProcessorFeaturePresent
DeleteCriticalSection
WaitForSingleObject
GetVersionExW
ReleaseMutex
InterlockedDecrement
FreeLibrary
FindResourceW
LocalFree
InterlockedExchange
TerminateProcess
HeapFree
CreateEventW
InterlockedCompareExchange
GetStartupInfoW
QueryPerformanceCounter
ProcessIdToSessionId
GlobalLock
lstrlenA
GlobalHandle
FindResourceExW
HeapAlloc
OpenProcess
SetEvent
HeapDestroy
MultiByteToWideChar
GetThreadLocale
lstrcmpW
GlobalFree
VirtualFree
GetSystemInfo
CreateFileW
FormatMessageW
SetUnhandledExceptionFilter
GetVersionExA
GetSystemDirectoryW
LoadLibraryW
Sleep
WideCharToMultiByte
LoadLibraryA
GetACP
CreateThread
GetModuleHandleW

ddraw

DirectDrawCreate
DirectDrawEnumerateA
DirectDrawCreateEx

ole32

StringFromGUID2
CoTaskMemFree
OleUninitialize
OleLockRunning
CoTaskMemAlloc
CoInitializeSecurity
OleInitialize
CoGetClassObject
CoCreateInstance
CoInitializeEx
CLSIDFromString
StringFromCLSID
CoAllowSetForegroundWindow
CreateStreamOnHGlobal
CoSetProxyBlanket
CoUninitialize
CLSIDFromProgID
CoCreateGuid

gdi32

DeleteObject
CreateCompatibleDC
DeleteDC
BitBlt
CreateCompatibleBitmap
GetStockObject
GetDeviceCaps
CreateSolidBrush
SelectObject
GetObjectW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3eed746572bfedfee0e0c4517bd71a0a

Headers

File Characteristics

Imports

version

gdiplus

netapi32

wtsapi32

shlwapi

crypt32

shell32

secur32

kernel32

ddraw

ole32

gdi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 30KB - Virtual size: 30KB

.rsrc Size: 1024B - Virtual size: 68KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 30KB - Virtual size: 30KB

.rsrc
Size: 1024B - Virtual size: 68KB