4cb6a8b12501da689f7c40e335dc3d6b

Sharing

Copy URL Twitter E-mail

General

Target

4cb6a8b12501da689f7c40e335dc3d6b
Size

2.4MB
MD5

4cb6a8b12501da689f7c40e335dc3d6b
SHA1

65ee5bf636d56c2bbf1e61c7d040368a84ce006a
SHA256

a1a6c8c7267abefcb6437b1b3c8216cc8741e489b362ba331547c44b0b1ba580
SHA512

bda7395ce933ff606926adc991054a652d03cda91fc516c28de5eb0c74c52400443cb7ce020721dda81d723f73dc02fccb797e906a7c02491fbf9360eaf020dc
SSDEEP

49152:acWZJpwceGcEpDcSyRCncbt16/3CcQWCcncidtc4xBf5rTbDLScZOwVT+Eb6G+:koce/CK/+zrjTbDLZOwl+tG+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cb6a8b12501da689f7c40e335dc3d6b

Files

4cb6a8b12501da689f7c40e335dc3d6b
.exe windows:5 windows x86 arch:x86

ca39e083139219c32a07c520a4afcc22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateFileMappingA
CreateThread
DeleteCriticalSection
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetExitCodeProcess
GetFileSize
GetFileTime
GetFileType
GetLastError
GetLocalTime
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessVersion
GetProfileStringA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetThreadPriority
GetTickCount
GetTimeZoneInformation
GetVersion
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFlags
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
IsDBCSLeadByteEx
IsDebuggerPresent
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockResource
MapViewOfFile
MulDiv
MultiByteToWideChar
OpenFileMappingA
QueryPerformanceCounter
RaiseException
ReadFile
ResetEvent
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetThreadExecutionState
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcmpiA
lstrlenA

comctl32

DestroyPropertySheetPage
ImageList_Add
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_SetBkColor
PropertySheetW

gdi32

CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreatePatternBrush
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
Ellipse
Escape
ExcludeClipRect
ExtTextOutA
GetBkColor
GetClipBox
GetDIBits
GetDeviceCaps
GetPixel
GetStockObject
GetTextColor
GetTextExtentPointA
IntersectClipRect
LPtoDP
LineTo
MoveToEx
OffsetViewportOrgEx
PatBlt
PtVisible
RectVisible
Rectangle
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetDIBits
SetMapMode
SetPixel
SetRectRgn
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchBlt

msacm32

acmMetrics

user32

BeginPaint
BringWindowToTop
CallNextHookEx
CharNextA
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton
ClientToScreen
CloseClipboard
CopyRect
CreateIconIndirect
DefDlgProcA
DefWindowProcA
DeferWindowPos
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawTextA
EmptyClipboard
EnableMenuItem
EndDialog
EndPaint
EnumChildWindows
EnumThreadWindows
EqualRect
ExcludeUpdateRgn
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoA
GetClassNameA
GetClientRect
GetCursorPos
GetDCEx
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMessagePos
GetMessageTime
GetNextDlgTabItem
GetParent
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
HideCaret
InflateRect
IntersectRect
InvalidateRect
InvalidateRgn
IsChild
IsDlgButtonChecked
IsIconic
IsRectEmpty
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LockWindowUpdate
MapDialogRect
MapWindowPoints
MessageBeep
MessageBoxA
MoveWindow
OffsetRect
OpenClipboard
PostQuitMessage
PtInRect
RedrawWindow
ReleaseCapture
ReleaseDC
RemoveMenu
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetClipboardData
SetCursorPos
SetFocus
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemBitmaps
SetParent
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowPos
SetWindowsHookExA
ShowCaret
ShowOwnedPopups
ShowScrollBar
ShowWindow
TrackPopupMenu
TrackPopupMenuEx
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
ValidateRect
wsprintfA

winmm

mixerGetDevCapsW
mixerGetLineControlsW
mixerGetLineInfoW
mixerGetNumDevs
mixerOpen
mixerSetControlDetails
waveOutClose
waveOutGetDevCapsW
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

ole32

CoInitialize
CoLockObjectExternal
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
DoDragDrop
OleDuplicateData
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
PropVariantClear
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop

ws2_32

send

Exports

Exports

___CPPdebugHook

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 14.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca39e083139219c32a07c520a4afcc22

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

gdi32

msacm32

user32

winmm

ole32

ws2_32

Exports

Exports

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.data Size: 10KB - Virtual size: 14.1MB

.tls Size: 5KB - Virtual size: 8KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 9KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 105KB - Virtual size: 108KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.data
Size: 10KB - Virtual size: 14.1MB

.tls
Size: 5KB - Virtual size: 8KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 9KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 105KB - Virtual size: 108KB