479fe6afb6625e50d4edc491fe2e66ff

Sharing

Copy URL Twitter E-mail

General

Target

479fe6afb6625e50d4edc491fe2e66ff
Size

19KB
MD5

479fe6afb6625e50d4edc491fe2e66ff
SHA1

68ee51295b655544e4a1c0ae8219b74f82085427
SHA256

da8f13eaee2d9e7ac6eabc138f66753f97904a8e85fac03866edbb8e33651824
SHA512

ba163369094cb7c1513299563ac3b8cc40d83c09994f9c69b77a863b2b22bddc78933dd9724ed3d46ff2fdc3df0dfe76e8a4654d3e7fb25e0861ce7c68849642
SSDEEP

384:JtpumMbDXPKHHaDnsknYwPtAkfjHmx1mQyH:VMbunaoyHmx1u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
479fe6afb6625e50d4edc491fe2e66ff

Files

479fe6afb6625e50d4edc491fe2e66ff
.exe windows:4 windows x86 arch:x86

d823cf368bf68173dc2375e14c8ee9b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
WriteFile
HeapFree
CloseHandle
HeapAlloc
InitializeCriticalSection
FreeLibrary
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
GetCurrentDirectoryA
HeapReAlloc

ole32

RevokeDragDrop

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntryA

msvcrt

sprintf
fopen
fseek
fclose
strncpy
strlen
strcpy
strcat

wsock32

closesocket
WSACleanup
WSAStartup

gdi32

CreateSolidBrush
CreatePen
DeleteObject
GetStockObject
GetObjectType

comctl32

InitCommonControlsEx
InitCommonControls

user32

DestroyWindow
GetWindow
SetActiveWindow
RemovePropA
SendMessageA
UnregisterClassA
DestroyAcceleratorTable
LoadIconA
LoadCursorA
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
GetWindowRect
GetSystemMetrics
GetWindowLongA
GetKeyState
SetCapture
PostMessageA
GetCursorPos
MapWindowPoints
ReleaseCapture
GetParent
MoveWindow
DestroyIcon

advapi32

RegOpenKeyA
RegConnectRegistryA

shell32

ShellExecuteExA

Sections

.code
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 512B - Virtual size: 141B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d823cf368bf68173dc2375e14c8ee9b0

Headers

File Characteristics

Imports

crtdll

kernel32

ole32

urlmon

wininet

msvcrt

wsock32

gdi32

comctl32

user32

advapi32

shell32

Sections

.code Size: 512B - Virtual size: 476B

.text Size: 9KB - Virtual size: 9KB

.data Size: 7KB - Virtual size: 9KB

.flat Size: 512B - Virtual size: 141B

.code
Size: 512B - Virtual size: 476B

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 7KB - Virtual size: 9KB

.flat
Size: 512B - Virtual size: 141B