49359f59e4941691a830ca441c3a2e2a[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

49359f59e4941691a830ca441c3a2e2a.exe
Size

268KB
MD5

49359f59e4941691a830ca441c3a2e2a
SHA1

ab279487771fad534d51cbf093728e19f7b2bb8b
SHA256

8ce94626e1c87b5ffd4443c3a30218e9be751de67aa36c3059885ab7b22c93a4
SHA512

22b03d2eb82068908919c1e062a63a234fc2e896d74e70a41dd43c7edafede631e08b482d9c8d7d5413a02666af9622a3e9af193b5c7bddb95e4f780a6defeda
SSDEEP

6144:6avaH8cS1kVZBr40ZhdOBL0vvIIhAOmkXkKAM:7RrqBr40raI1jUKAM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49359f59e4941691a830ca441c3a2e2a.exe

Files

49359f59e4941691a830ca441c3a2e2a.exe
.exe windows:4 windows x86 arch:x86

a2ac25b601e28e85dda7c373d5a59282

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
CreateEventA
WaitForSingleObject
InitializeCriticalSection
CreateMutexA
CloseHandle
HeapDestroy
GlobalFree
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedIncrement
DeleteCriticalSection
WritePrivateProfileStringA
GetShortPathNameA
lstrcpyA
GetModuleHandleA
GetPrivateProfileIntA
TerminateThread
CreateThread
CreateProcessA
GetModuleFileNameA
GlobalHandle
LockResource
lstrcpynA
CreateDirectoryA
MulDiv
SetEvent
CopyFileA
GetFileAttributesA
GetTickCount
GetVersionExA
CompareStringW
CompareStringA
lstrlenW
LoadLibraryA
FindResourceExA
FindResourceA
LoadResource
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetLastError
SetLastError
GetPrivateProfileStringA
lstrcmpiA
GetSystemTime
GetUserDefaultLangID
GetProcAddress
FreeLibrary
GetCurrentProcess
FlushInstructionCache
EnterCriticalSection
LeaveCriticalSection
ExitThread
GetDateFormatA
InterlockedDecrement
lstrcmpA
TlsGetValue
TlsSetValue
GetFileType
TlsAlloc
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
VirtualAlloc
UnhandledExceptionFilter
HeapCreate
VirtualFree
HeapSize
TerminateProcess
GetVersion
GetCommandLineA
ExitProcess
GetStartupInfoA
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
WriteFile
LCMapStringA
GetWindowsDirectoryA
LCMapStringW
GetCPInfo
GetStringTypeW
GetStringTypeA
GetACP
GetOEMCP

user32

GetDlgItem
wsprintfA
EndDialog
SetWindowLongA
IsChild
GetFocus
BeginPaint
GetDlgCtrlID
GetKeyState
SetWindowTextA
ShowWindow
LoadCursorA
SystemParametersInfoA
GetWindow
GetWindowLongA
DispatchMessageA
TranslateMessage
IsDialogMessageA
PeekMessageA
LoadImageA
GetSystemMetrics
PostQuitMessage
SetClassLongA
MapWindowPoints
EnableWindow
MoveWindow
GetSysColorBrush
LoadBitmapA
SetTimer
PtInRect
SetCursor
UpdateWindow
SetForegroundWindow
GetSystemMenu
AppendMenuA
InvalidateRgn
ReleaseCapture
CreateWindowExA
CreateAcceleratorTableA
GetClientRect
CopyRect
GetDC
SendMessageA
DrawTextA
SetWindowPos
ReleaseDC
GetParent
GetDesktopWindow
GetClassNameA
RedrawWindow
IsWindow
GetWindowTextLengthA
SetFocus
GetSysColor
GetClassInfoExA
GetWindowTextA
RegisterWindowMessageA
CreateDialogParamA
RegisterClassExA
CallWindowProcA
GetActiveWindow
GetMessageA
MsgWaitForMultipleObjects
DefWindowProcA
DialogBoxParamA
FindWindowA
ScreenToClient
CharLowerA
MessageBoxA
InvalidateRect
DestroyWindow
GetWindowRect
EndPaint
FillRect
SetCapture

gdi32

GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetObjectA
GetStockObject
SetTextColor
CreateFontIndirectA
SetBkMode
GetTextMetricsA
DeleteDC
SelectObject

advapi32

RegQueryInfoKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegEnumValueA

shell32

ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA

ole32

OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocStringLen
LoadRegTypeLi
SysAllocString
SysFreeString
VariantChangeType
DispCallFunc
OleCreateFontIndirect
SysStringLen
VariantCopy
VariantClear

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

PropertySheetA
ord17
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_AddMasked
ImageList_Create
ImageList_Destroy

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mrdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a2ac25b601e28e85dda7c373d5a59282

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

comctl32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 68KB - Virtual size: 66KB

.mrdata Size: 76KB - Virtual size: 76KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 68KB - Virtual size: 66KB

.mrdata
Size: 76KB - Virtual size: 76KB