4889f4acb269a24646ca07f70df6cf7a

Sharing

Copy URL Twitter E-mail

General

Target

4889f4acb269a24646ca07f70df6cf7a
Size

434KB
MD5

4889f4acb269a24646ca07f70df6cf7a
SHA1

09f7cfe8df23cffbff13eaa8a708ea625992143c
SHA256

0b55425e5bf4eb3914a381f79de36a5bceda87fbb8ccb9524f176e18bc8ee9b9
SHA512

42330c8e94c68fe76b212c5db0067a5eb020fc75f21027156a8421d6e15281da3df4d3b655c30d9faea0482c1b8253711381320ca9e5e032529b807e2c156796
SSDEEP

6144:9+ox6FsByGNLpfOe/dlixZFlX07dB8EWkx76Qq1whNTmK8+5W7oU:4C6FsBysFOGitO/WkYDWhNTmxv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4889f4acb269a24646ca07f70df6cf7a

Files

4889f4acb269a24646ca07f70df6cf7a
.exe windows:4 windows x86 arch:x86

1093f4f6769498a75d07d4c0763614a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
CompareStringW
IsValidCodePage
EnumCalendarInfoExA
RtlUnwind
GetStringTypeW
TerminateThread
GetCurrentProcess
GetOEMCP
VirtualAlloc
LCMapStringW
InterlockedIncrement
HeapReAlloc
GetFileType
RtlFillMemory
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringA
GetModuleFileNameA
GetACP
GetStringTypeA
ExitProcess
GetCurrentThread
GetStdHandle
GetUserDefaultLCID
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetProcessHeap
FreeEnvironmentStringsA
HeapDestroy
QueryPerformanceCounter
TlsFree
SetEnvironmentVariableA
MapViewOfFileEx
SetConsoleCtrlHandler
Sleep
EnumSystemLocalesA
HeapAlloc
GetLocaleInfoA
HeapFree
DebugActiveProcess
WriteFile
GetCurrentProcessId
EnumSystemCodePagesW
GetTimeFormatA
GetStartupInfoA
SetLastError
HeapCreate
EnterCriticalSection
GetDateFormatA
GetTimeZoneInformation
FreeLibrary
UnhandledExceptionFilter
SetHandleCount
EnumResourceNamesA
EnumTimeFormatsA
WideCharToMultiByte
VirtualFree
TlsSetValue
SetPriorityClass
GetMailslotInfo
MultiByteToWideChar
EnumResourceTypesW
GetProfileStringW
DeleteCriticalSection
GetVersionExA
GetProcAddress
GetEnvironmentStrings
GetLastError
CompareStringA
IsDebuggerPresent
InterlockedExchange
HeapSize
TlsGetValue
GetLocaleInfoW
VirtualQuery
TlsAlloc
SetUnhandledExceptionFilter
LoadLibraryExA
IsValidLocale
GetCurrentThreadId
InitializeCriticalSection
OpenFile
TerminateProcess
GetCommandLineA
InterlockedDecrement
lstrcmpA
GetModuleHandleA
LeaveCriticalSection

gdi32

DrawEscape
GetObjectW
GetViewportExtEx
UpdateColors
LineTo
SetICMMode
SetWindowOrgEx
GetEnhMetaFilePaletteEntries
EnumObjects
GetBkMode
RemoveFontResourceA
CopyEnhMetaFileA
CreateBrushIndirect
GetOutlineTextMetricsW
GetMapMode
GetPaletteEntries
CreateDIBSection
EnumFontFamiliesW
SetDIBColorTable
PatBlt
CreateEnhMetaFileA
CreatePatternBrush

comdlg32

GetOpenFileNameA
PageSetupDlgA
ReplaceTextA
PrintDlgA
LoadAlterBitmap

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1093f4f6769498a75d07d4c0763614a6

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

Sections

.text Size: 141KB - Virtual size: 140KB

.data Size: 280KB - Virtual size: 301KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 141KB - Virtual size: 140KB

.data
Size: 280KB - Virtual size: 301KB

.rsrc
Size: 12KB - Virtual size: 11KB