47130cc59df48cfc4e8a056b27eff03a

Sharing

Copy URL Twitter E-mail

General

Target

47130cc59df48cfc4e8a056b27eff03a
Size

454KB
MD5

47130cc59df48cfc4e8a056b27eff03a
SHA1

735fd1031219e58d42aa766e7b4c177451f19e24
SHA256

aabb5370586be73ea96da0b47ec20c0441d324408eeff3357c7895a5155b2703
SHA512

90de115a6548a9b10627ba53bff953cae8a9421e5af0804a7f6df2f33e83ecd2a7b35dbb5cc109a9438cb4b30fb0ab1dee908507947202708dccf3fe97f94116
SSDEEP

12288:sOmN8wgL6MA5BprJZodJxuY7HYROoJX8gkCyfWMRs+xAj9X:VmawgOMA5BprJ24xjyuMCX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47130cc59df48cfc4e8a056b27eff03a

Files

47130cc59df48cfc4e8a056b27eff03a
.exe windows:4 windows x86 arch:x86

c461cd2550b10fd1c8b10090c7430f7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseFontA
GetSaveFileNameW
FindTextA

kernel32

GetModuleFileNameA
WriteFile
GetPrivateProfileStringW
IsBadReadPtr
HeapAlloc
SetFilePointer
GetCurrentThreadId
InterlockedIncrement
GetOEMCP
GetLogicalDrives
GetACP
GetStringTypeA
EnterCriticalSection
HeapReAlloc
GetCurrentProcessId
EnumSystemLocalesA
GetDateFormatA
RtlUnwind
GetSystemInfo
DeleteCriticalSection
SetHandleCount
SetLastError
SetSystemTime
GetStdHandle
SetEnvironmentVariableA
GetDiskFreeSpaceExW
GetFileType
GetEnvironmentVariableA
GetUserDefaultLCID
GetProcessAffinityMask
GetLastError
FileTimeToLocalFileTime
LoadLibraryA
FlushFileBuffers
GetLocaleInfoA
GetSystemTimeAsFileTime
TlsAlloc
DebugActiveProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCommandLineA
ExpandEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
SetWaitableTimer
VirtualProtect
GetCPInfo
IsValidCodePage
InterlockedDecrement
GetCommandLineW
InitializeCriticalSection
LeaveCriticalSection
VirtualQuery
SetThreadIdealProcessor
GetCurrentThread
CloseHandle
IsBadWritePtr
GetTickCount
GetTimeFormatA
GetStartupInfoW
GetWindowsDirectoryW
TlsGetValue
HeapCreate
VirtualAlloc
GetEnvironmentStrings
DeleteFiber
InterlockedExchange
TlsSetValue
GetCurrentProcess
VirtualFree
GetConsoleCursorInfo
SetConsoleCtrlHandler
HeapFree
WideCharToMultiByte
ExitProcess
GetModuleFileNameW
OutputDebugStringA
SystemTimeToFileTime
LCMapStringW
GetLocaleInfoW
GetModuleHandleA
GetStartupInfoA
LCMapStringA
UnhandledExceptionFilter
GetConsoleScreenBufferInfo
OpenFile
IsValidLocale
TryEnterCriticalSection
GetVersion
TlsFree
GetStringTypeW
GetVersionExA
DebugBreak
CompareStringW
HeapValidate
MultiByteToWideChar
CreateMailslotA
GetProcAddress
HeapDestroy
CompareStringA
TerminateProcess
SetStdHandle
CreateNamedPipeW
DeleteFileA
GetEnvironmentStringsW

shell32

FindExecutableW
SHInvokePrinterCommandW
SHGetMalloc
SheChangeDirExW
ExtractAssociatedIconW

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c461cd2550b10fd1c8b10090c7430f7a

Headers

File Characteristics

Imports

comdlg32

kernel32

shell32

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 11KB - Virtual size: 29KB

.data Size: 281KB - Virtual size: 280KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 11KB - Virtual size: 29KB

.data
Size: 281KB - Virtual size: 280KB

.rsrc
Size: 6KB - Virtual size: 5KB