4712593ccdbeac886024d6aaa5172b21

General

Target

4712593ccdbeac886024d6aaa5172b21
Size

174KB
MD5

4712593ccdbeac886024d6aaa5172b21
SHA1

4b354b96e624f8ba14876cd358c4d5202ecd289b
SHA256

618bbba57f1cc3ec7bbc4dffa1ed9a626141443ed7933c284f90019b70c8ea92
SHA512

9b3797700fbc7d1dcf38484f63cd16933df231e1fb6dc91f795532afc5168c240b65e32b5ee42929f1f1c895b67758979f1207681c2df7c6f64051ee291a89e6
SSDEEP

3072:LO0iK2/TuDH6w/KycOtx0OaUI07WJ30gI7E0sy1wiZwhAlvJul:LO0iKguMx/ODI0aWgn5iZwWsl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4712593ccdbeac886024d6aaa5172b21

Files

4712593ccdbeac886024d6aaa5172b21
.exe windows:4 windows x86 arch:x86

7c6ed3524f099d710c4e537d8d1656e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlCanonicalizeW
UrlCombineW
UrlApplySchemeW
PathCombineW
UrlGetPartW
PathAppendW

kernel32

LoadLibraryW
GetTickCount
IsDebuggerPresent
HeapFree
lstrlenA
WideCharToMultiByte
HeapFree
GetSystemTime
GetLocaleInfoA
GetACP
InterlockedExchange
QueryPerformanceCounter
GetThreadLocale
SetUnhandledExceptionFilter
LoadLibraryExW
WriteFile
InterlockedCompareExchange
CreateFileW
GetProcessHeap
GetSystemTimeAsFileTime
HeapDestroy
LocalAlloc
RaiseException
SystemTimeToFileTime
GetEnvironmentVariableA
EnumResourceTypesW
ResetWriteWatch
GetStartupInfoA
lstrlenW
TerminateProcess
UnhandledExceptionFilter
CreateProcessA
GetStdHandle
GetCurrentProcess
HeapReAlloc
GetModuleHandleA
MultiByteToWideChar
CloseHandle
Sleep
GetCurrentThreadId
HeapAlloc
HeapSize
GetCurrentProcessId
lstrcpynW

oleacc

LresultFromObject
AccessibleObjectFromEvent

msimg32

TransparentBlt

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSRegisterSessionNotification

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c6ed3524f099d710c4e537d8d1656e0

Headers

File Characteristics

Imports

shlwapi

kernel32

oleacc

msimg32

wtsapi32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 2KB - Virtual size: 153KB

.data Size: 128KB - Virtual size: 128KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 2KB - Virtual size: 153KB

.data
Size: 128KB - Virtual size: 128KB

.rsrc
Size: 512B - Virtual size: 4KB