48d888c498745a0a716ee9622d1afdab

Sharing

Copy URL Twitter E-mail

General

Target

48d888c498745a0a716ee9622d1afdab
Size

265KB
MD5

48d888c498745a0a716ee9622d1afdab
SHA1

76ca7ba51a1491de6a4320fe4e5e7f2513e69726
SHA256

f050e0b07f0419fc001b889dd94f180d31972a38635cead2cf3ed6b48085077f
SHA512

b130be0775ae7d4c67fbe01974ef69840dd9e863b59f6f8f6cd4d8ace0d24d10b5f3409e977484a91a4cb6bda2c0764ff5f405d1ddbeb330aaef4d6438134520
SSDEEP

6144:gElFXqlVdAFj39Kk02R89kr1lHoCjC3peBFfxPV1V7Yl:gUX4AZ39KJ2Rskr1lHE3ANPPV7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48d888c498745a0a716ee9622d1afdab

Files

48d888c498745a0a716ee9622d1afdab
.exe windows:5 windows x86 arch:x86

7f752ad3723f42210719e3fde8bfd907

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

DeleteDC
StretchBlt
SetRectRgn
GetStockObject
CreateFontIndirectW
CreateCompatibleBitmap
MoveToEx
GetTextExtentPoint32W
GetDeviceCaps
LineTo
SetPixel
SetTextColor

advapi32

RegFlushKey
RegOpenKeyExA
RegSetValueExW

msvcrt

__getmainargs
_exit
rand
exit

user32

wsprintfW
LoadCursorW
SetTimer
SetWindowTextW
EndDialog
PostMessageW
FlashWindow
GetMessageW
GetDesktopWindow
TranslateMessage
GetDC
ReleaseCapture
GetMenu
DialogBoxParamW
GetWindowRect
GetSysColor
InvalidateRect
LoadStringW
GetDlgItem

kernel32

HeapValidate
HeapCreate
MapViewOfFile
TransactNamedPipe
SystemTimeToFileTime
InterlockedExchangeAdd
MapViewOfFileEx
WaitForSingleObjectEx
FileTimeToDosDateTime
OpenThread
CreateThread
SetThreadIdealProcessor
DeleteFileA
RtlFillMemory
GetQueuedCompletionStatus
SetThreadAffinityMask
ResetEvent
ReadFile
OpenFileMappingA
GetThreadLocale
EnumLanguageGroupLocalesA
WaitNamedPipeA
VirtualAllocEx
WaitForMultipleObjectsEx
GetThreadTimes
FreeEnvironmentStringsA
GetSystemTime
GetEnvironmentVariableA
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
CreateFileMappingA
GetCurrentDirectoryA
lstrcatW
FlushViewOfFile
SetFilePointer
HeapQueryInformation
ConnectNamedPipe
GetEnvironmentStringsA
CreateFileA
CreateNamedPipeA
PostQueuedCompletionStatus
SetFilePointerEx
HeapAlloc
RegisterWaitForSingleObject
SetEnvironmentVariableA
InterlockedPopEntrySList
InitializeCriticalSection
GetSystemDefaultLangID
CopyFileExA
SetFirmwareEnvironmentVariableA
InterlockedDecrement
WaitForMultipleObjects
SuspendThread
GetFileTime
SetThreadPriority
GetStringTypeExA
CreateIoCompletionPort
EnumSystemLanguageGroupsA
GetLocalTime
lstrcmpW
GetUserDefaultLangID
HeapSummary
TryEnterCriticalSection
HeapFree
GetTickCount
CreateMutexA
CloseHandle
GetFileAttributesExA
UnmapViewOfFile
WaitForSingleObject
InterlockedPushEntrySList
HeapDestroy
FileTimeToLocalFileTime
GetCurrentProcessId
lstrcmpA
GetCurrentProcess
lstrlenA

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f752ad3723f42210719e3fde8bfd907

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

advapi32

msvcrt

user32

kernel32

Sections

.text Size: 175KB - Virtual size: 175KB

.data Size: 66KB - Virtual size: 65KB

.rsrc Size: 23KB - Virtual size: 572KB

.text
Size: 175KB - Virtual size: 175KB

.data
Size: 66KB - Virtual size: 65KB

.rsrc
Size: 23KB - Virtual size: 572KB