4a03a7a865efd436e919c7a70732b958

Sharing

Copy URL Twitter E-mail

General

Target

4a03a7a865efd436e919c7a70732b958
Size

404KB
MD5

4a03a7a865efd436e919c7a70732b958
SHA1

a72dcbb22a6551ed93f67175668349f0566d9aa8
SHA256

9fa4a86acbc5009422b2dd590d7107410533f9304f74b52b438a22a368023ed3
SHA512

2c5eb2f9997041bb5d3739a394a40a26ca820d790bdfd485cf4c174bf49cb09062663cffae682fdfe3aa204d67444d758c6b36fe286ca5e20f8faa938bbfdc71
SSDEEP

6144:9UpNvGvWbciLmc0BlkI8bJH4FkU0tfhyyaBAZIYNVgRt2Iz:U+vWbcUZclkI8bJH4FamyaBglNwt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a03a7a865efd436e919c7a70732b958

Files

4a03a7a865efd436e919c7a70732b958
.exe windows:4 windows x86 arch:x86

dbc543c4680da579134521583a5ebec8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceA
GetLastError
DeleteFileA
GlobalAlloc
TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
Sleep
GlobalSize
SetEndOfFile
GetOEMCP
GetACP
SizeofResource
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CreateFileA
FlushFileBuffers
SetStdHandle
ReadFile
IsBadWritePtr
HeapReAlloc
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetCPInfo
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
HeapAlloc
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind

user32

DialogBoxParamA
CheckMenuItem
GetMenu
InvalidateRect
SetDlgItemInt
TranslateMessage
DispatchMessageA
PeekMessageA
EndDialog
GetClientRect
BeginPaint
EndPaint
SetWindowTextA
GetDlgItem
EnableWindow
SendMessageA
SetDlgItemTextA
GetDlgItemTextA
ShowWindow
GetDlgItemInt
MessageBoxA

gdi32

StretchDIBits

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

lsapi

ord27
ord46
ord1
ord2
ord8
ord4
ord40
ord22
ord7
ord15
ord6
ord34
ord33
ord108
ord20
ord48
ord109
ord107
ord5
ord101
ord25
ord32
ord18
ord11
ord47
ord19
ord105
ord43
ord45
ord17
ord64
ord55
ord65
ord57
ord58
ord59
ord60
ord61
ord62
ord56
ord37
ord38
ord63
ord69
ord75
ord29
ord72
ord51
ord66
ord96
ord106
ord94
ord16

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbc543c4680da579134521583a5ebec8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

lsapi

Sections

.text Size: 112KB - Virtual size: 108KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 41KB

.rsrc Size: 64KB - Virtual size: 66KB

.text
Size: 112KB - Virtual size: 108KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 41KB

.rsrc
Size: 64KB - Virtual size: 66KB