4cc390e9f8a387b5408539cb5f139905

Sharing

Copy URL Twitter E-mail

General

Target

4cc390e9f8a387b5408539cb5f139905
Size

168KB
MD5

4cc390e9f8a387b5408539cb5f139905
SHA1

509f433f533e0261ec0b1526ba12c99035126867
SHA256

4031599b7d2d8b79970ec24ec9230048246048605fc2c1dbf96395caf74d2d27
SHA512

103ac5128ce1c1c217f3a1aa79b9b0a790b6409d0d8f8031773ebb85b6c8d2c31906a12fa221b1bec085aa02dbe003680ce714fc5159d12ecfb4c200d6523473
SSDEEP

3072:6oPPvAYbsg8GlYpL8e8QsybKAERAedK6ogZ+ZGMEwffpfU:5v0gV6hdtWAsK6zMEof

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cc390e9f8a387b5408539cb5f139905

Files

4cc390e9f8a387b5408539cb5f139905
.exe windows:4 windows x86 arch:x86

9a1abe8b64e4288f6797169f312ed749

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dinput

DirectInputCreateEx
DirectInputCreateW
DirectInputCreateA

kernel32

SetEndOfFile
lstrlenA
lstrcpynA
lstrcpyA
CloseHandle
CompareStringA
EnterCriticalSection
EnumResourceNamesA
ExitProcess
GetDateFormatA
InitializeCriticalSection
LocalAlloc
OpenFile
OpenFileMappingA
lstrcmpA
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
VirtualAlloc
VirtualFree

ole32

OleUninitialize
OleGetClipboard
OleDuplicateData
CoRevokeClassObject
CreateOleAdviseHolder
RegisterDragDrop
OleInitialize
CLSIDFromProgID
CoCreateInstance
CoGetClassObject
CoInitialize
CoUninitialize

dsound

DirectSoundCreate
DirectSoundEnumerateA
DirectSoundCreate8

user32

OffsetRect
LoadMenuA
LoadCursorA
DialogBoxParamA
LoadBitmapA
LoadAcceleratorsW
DestroyMenu
GetMenu
GetFocus
GetDC
EndDialog
EnableScrollBar
DrawStateA
ShowCaret
CreateIcon
CreateAcceleratorTableA
CharUpperBuffA
CharToOemBuffA
GetMessageA

shell32

SHFileOperationA
Shell_NotifyIconA
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHGetDesktopFolder
SHBindToParent

msvfw32

ICSeqCompressFrameEnd
ICSeqCompressFrame
MCIWndCreateA
ICRemove

Sections

.text
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a1abe8b64e4288f6797169f312ed749

Headers

File Characteristics

Imports

dinput

kernel32

ole32

dsound

user32

shell32

msvfw32

Sections

.text Size: 35KB - Virtual size: 36KB

.rdata Size: 52KB - Virtual size: 56KB

.data Size: 69KB - Virtual size: 88KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 35KB - Virtual size: 36KB

.rdata
Size: 52KB - Virtual size: 56KB

.data
Size: 69KB - Virtual size: 88KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB