4857ae261414d6f2f45a5bf624f36d34

General

Target

4857ae261414d6f2f45a5bf624f36d34
Size

112KB
MD5

4857ae261414d6f2f45a5bf624f36d34
SHA1

aa264ca1e2222eede62df909a18d241c93cc8f92
SHA256

49cc8f6bcbda48fdc7b323de9e6ad68c01d23d099ad1a3149e83f34f76f7ae4b
SHA512

5edfc924d5de050c57e6b74d92d0bcd5379c7fbc7ec70bbe1366013d395473a5b375796fb04ef491238a8e248b36a08290e6998407f7f3053c15c9504a812025
SSDEEP

768:S0/ZpDmU69K7nhXshFGr/YCKMW3B5pqHImQWwwiqYe9GT2U8oZ/MZew/ig4Ro4r:pZmUH7n0+mMuqGWwwiqYl2gw/Z4Ro4r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4857ae261414d6f2f45a5bf624f36d34

Files

4857ae261414d6f2f45a5bf624f36d34
.exe windows:4 windows x86 arch:x86

384e103c43ffb6eea5e768be2df492cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetFileSize
GetFileTime
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetTempPathA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalLock
FreeLibrary
LoadLibraryA
MoveFileA
OpenProcess
ReadFile
SetFilePointer
Sleep
TerminateProcess
VirtualProtect
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
ExitProcess
DeleteFileA
CreateMutexA
CreateFileA
CreateDirectoryA
GlobalUnlock
CloseHandle

user32

DispatchMessageA
EnableWindow
FindWindowA
GetForegroundWindow
GetKeyboardLayout
GetMessageA
GetWindowTextA
GetWindowThreadProcessId
LoadBitmapA
LoadCursorA
LoadIconA
MessageBoxA
MsgWaitForMultipleObjects
PostQuitMessage
RegisterClassExA
SendMessageA
SetFocus
ShowWindow
TranslateMessage
UpdateWindow
DefWindowProcA
CreateWindowExA
CloseClipboard
CharUpperBuffA
CharToOemA
CharLowerA
wsprintfA

gdi32

CreateFontIndirectA

advapi32

GetUserNameA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

comctl32

InitCommonControls

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

384e103c43ffb6eea5e768be2df492cd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 28KB - Virtual size: 40KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 28KB - Virtual size: 40KB

.rsrc
Size: 56KB - Virtual size: 52KB