47c4cac7592f7a6298de9b2542a1db3f

Sharing

Copy URL Twitter E-mail

General

Target

47c4cac7592f7a6298de9b2542a1db3f
Size

853KB
MD5

47c4cac7592f7a6298de9b2542a1db3f
SHA1

286d7eb62d9c9db27cf2ef9fb16acc28e89835d6
SHA256

fe88d5b38b3d78e1f3385d4ade29dbbb4eb502a462668b053aae3712b76fb327
SHA512

e2f5715b14342f00937e9e943e1d4b575e4f598e7335a452309cb64f55ca885ec8c0206266644d90d63a7380cd0f58dd1e8e537e61f17066845ecfe3b5e4bfaf
SSDEEP

24576:8nbxHgZSBfpNV9Jo+SX2YyMk1etDjtjn1zg+7BdI12:8nb6ZS5pNto+M2YVkUptjnWuDI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47c4cac7592f7a6298de9b2542a1db3f

Files

47c4cac7592f7a6298de9b2542a1db3f
.exe windows:5 windows x86 arch:x86

6a38763dec5ac67ff44b4caba06381c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

secur32

GetUserNameExW
EnumerateSecurityPackagesA
ImportSecurityContextW
DeleteSecurityPackageA
MakeSignature
LsaEnumerateLogonSessions
SaslIdentifyPackageW
ImpersonateSecurityContext
CompleteAuthToken
LsaUnregisterPolicyChangeNotification
SetContextAttributesW
GetComputerObjectNameA
SaslGetProfilePackageW
ExportSecurityContext
SetContextAttributesA
LsaRegisterLogonProcess
GetSecurityUserInfo
SaslGetProfilePackageA
AcquireCredentialsHandleW
EncryptMessage
GetComputerObjectNameW
GetUserNameExA
QueryContextAttributesA
SaslEnumerateProfilesA
LsaFreeReturnBuffer
AddCredentialsW
LsaLookupAuthenticationPackage
LsaDeregisterLogonProcess
SecpTranslateNameEx
LsaLogonUser

kernel32

WaitForDebugEvent
CreateMutexA
DeleteFileA
ClearCommBreak
WideCharToMultiByte
CallNamedPipeA
SetThreadPriority
RemoveDirectoryA
ReadProcessMemory
GetOEMCP
CompareStringW
CancelWaitableTimer
BeginUpdateResourceW
GetConsoleKeyboardLayoutNameW
GetConsoleAliasW
LocalAlloc
DeleteTimerQueue
lstrlenA
CreateDirectoryW
SetCriticalSectionSpinCount
RestoreLastError
SetFileValidData
LoadLibraryA
GetLocaleInfoW
SetConsoleNlsMode
GetShortPathNameA
GetConsoleCommandHistoryLengthW
GlobalUnWire
SetCommTimeouts
VirtualAlloc
OpenWaitableTimerW
QueryDosDeviceA
Toolhelp32ReadProcessMemory
ExitProcess
GetProfileSectionA
GlobalAlloc
GetTempPathA
MoveFileWithProgressA
GetCompressedFileSizeA
GetFirmwareEnvironmentVariableA
GetPrivateProfileIntA
FindAtomA
InterlockedFlushSList

opengl32

glPixelStorei
GlmfEndGlsBlock
glColor3f
glTexGenf
glEvalCoord2f
glRenderMode
glRectfv
glPixelMapusv
glMapGrid2d
glTexCoord4dv
glCopyTexImage1D
glVertex4iv
glNormal3bv
wglShareLists
glRotatef
wglSwapBuffers
glColor3b
GlmfBeginGlsBlock
glVertex3f
glGetTexGendv
glColor4d
glRectiv
glRasterPos3d
glColor3usv
glGetTexLevelParameteriv
wglSwapMultipleBuffers
glTexParameterf
glVertex3dv
glRasterPos2fv
glPushName
glGetClipPlane
glNormal3dv
wglChoosePixelFormat
glVertex2dv
glHint

msvfw32

DrawDibStop
DrawDibSetPalette
DrawDibRealize
ICDrawBegin
ICGetInfo
ICImageDecompress
ICClose
DrawDibEnd
MCIWndRegisterClass
ICInfo
DrawDibGetBuffer
ICGetDisplayFormat
ICSeqCompressFrameEnd
GetOpenFileNamePreviewW
GetOpenFileNamePreviewA
GetSaveFileNamePreviewA
GetOpenFileNamePreview
ICSeqCompressFrame
ICSendMessage
ICCompressorFree
DrawDibOpen
VideoForWindowsVersion
MCIWndCreate
ICMThunk32
MCIWndCreateA
DrawDibClose
ICCompressorChoose
DrawDibBegin
ICDraw
DrawDibGetPalette
ICImageCompress
StretchDIB
ICOpenFunction
ICLocate
DrawDibChangePalette
ICInstall
ICRemove
GetSaveFileNamePreviewW
DrawDibDraw
DrawDibTime
ICCompress
ICSeqCompressFrameStart
DrawDibProfileDisplay
ICOpen
MCIWndCreateW

w32topl

ToplSetAllocator
ToplGetSpanningTreeEdgesForVtx
ToplScheduleNumEntries
ToplScheduleIsEqual
ToplListAddElem
ToplVertexGetOutEdge
ToplPScheduleValid
ToplScheduleExportReadonly
ToplSTHeapInit
ToplGraphInit
ToplIterAdvance
ToplScheduleValid
ToplEdgeAssociate
ToplScheduleMaxUnavailable
ToplEdgeCreate
ToplSTHeapExtractMin
ToplGraphDestroy
ToplSTHeapCostReduced
ToplGraphSetVertexIter
ToplGraphNumberOfVertices
ToplListRemoveElem
ToplVertexNumberOfInEdges
ToplVertexFree
ToplHeapIsElementOf
ToplMakeGraphState
ToplIterFree

Sections

.text
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a38763dec5ac67ff44b4caba06381c3

Headers

DLL Characteristics

File Characteristics

Imports

secur32

kernel32

opengl32

msvfw32

w32topl

Sections

.text Size: 359KB - Virtual size: 359KB

.rdata Size: 338KB - Virtual size: 338KB

.data Size: 153KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 359KB - Virtual size: 359KB

.rdata
Size: 338KB - Virtual size: 338KB

.data
Size: 153KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B