49e1cab3cc7546a54a35a567a7e249ab

Sharing

Copy URL Twitter E-mail

General

Target

49e1cab3cc7546a54a35a567a7e249ab
Size

82KB
MD5

49e1cab3cc7546a54a35a567a7e249ab
SHA1

87dd599fad8f0a927d6520c22a353fbd424365ec
SHA256

845e11326ca27bfb2e8689b8d2b2f6d96ce3856c06d8f819f098907c0e1da485
SHA512

1b8fd3aaa19dacb4470f2b35f78af7207c969d3fa90fefc66ba65ab6429d1314068cefcf0cb16b1a9c1886aca8b2b86cbf81e2cf85fcfee6bb9b11cdbdd5cd5d
SSDEEP

1536:HfHmC/vC46V1q64s9mQ4BC9hkUDx4Qp/HVZaQol9/i:Hu34cqxQEY5rDoW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49e1cab3cc7546a54a35a567a7e249ab

Files

49e1cab3cc7546a54a35a567a7e249ab
.exe windows:4 windows x86 arch:x86

38c5808cc64ce381be36724982674fdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
DeleteFileA
GetStringTypeA
GetStringTypeW
GetCommandLineA
CloseHandle
lstrlenA
lstrcatA
GetCPInfo
lstrcmpA
SetLastError
GetLastError
HeapAlloc
FreeLibrary
GetLocalTime
GlobalFree
GetModuleFileNameA
GetFileAttributesA
WideCharToMultiByte

advapi32

RegCreateKeyExA
RegLoadKeyA
RegEnumKeyW
RegDeleteValueW
RegQueryValueA
RegEnumValueA
RegCreateKeyExW
RegDeleteValueA
RegQueryValueExA
RegOpenKeyW
RegOpenKeyExW
RegLoadKeyW
RegEnumValueW
RegDeleteKeyA
RegFlushKey
RegQueryInfoKeyW
RegOpenKeyExA
RegEnumKeyExA
RegOpenKeyA

user32

DrawIconEx
CopyRect
GetDlgItem
AlignRects
LoadMenuA
GetFocus
GetMenu
GetWindowTextLengthA
DialogBoxParamA
CopyImage
DrawTextA
AppendMenuA
IsWindow
LoadCursorA
CalcMenuBar
DrawTextW
DialogBoxParamW
DrawTextA
GetWindowTextLengthA
LoadCursorA
IsWindow
CopyImage
GetDC
DialogBoxParamW
CopyIcon
GetCursor
GetDlgItem
AppendMenuA
AppendMenuW
InsertMenuA
CalcMenuBar
CopyRect
DrawIconEx
EndDialog

comctl32

ImageList_LoadImage
ImageList_DragLeave
ImageList_GetIconSize
ImageList_GetImageRect
ImageList_Merge
ImageList_Create
ImageList_GetDragImage
ImageList_ReplaceIcon
ImageList_Draw
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_Remove
ImageList_EndDrag
ImageList_LoadImageW
ImageList_AddIcon
ImageList_GetImageCount
ImageList_Destroy
ImageList_BeginDrag
ImageList_DragEnter

Sections

.mhSQ
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.PJzn
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IHwE
Size: 3KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TnxIT
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YAzq
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38c5808cc64ce381be36724982674fdd

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comctl32

Sections

.mhSQ Size: 10KB - Virtual size: 10KB

.PJzn Size: 62KB - Virtual size: 62KB

.IHwE Size: 3KB - Virtual size: 142KB

.TnxIT Size: 1KB - Virtual size: 2KB

.YAzq Size: 1024B - Virtual size: 2KB

.mhSQ
Size: 10KB - Virtual size: 10KB

.PJzn
Size: 62KB - Virtual size: 62KB

.IHwE
Size: 3KB - Virtual size: 142KB

.TnxIT
Size: 1KB - Virtual size: 2KB

.YAzq
Size: 1024B - Virtual size: 2KB