4a49b3339240a64ff4477222e10ec457

Sharing

Copy URL Twitter E-mail

General

Target

4a49b3339240a64ff4477222e10ec457
Size

507KB
MD5

4a49b3339240a64ff4477222e10ec457
SHA1

d1f25d0950c0b68587af63ebf7c0b52e9266d466
SHA256

e6f16a80d24d3684dcfdf55d5314d161291f809802318090feb128396ed1d33b
SHA512

cd8ee41dc61c30015f4142e2fea4f057e1fce83a2486d504537976331ad380e1c22b0e04d41274843014477786beda42cca4bb66db55c82d1c2184cbfdb7741b
SSDEEP

12288:70rW9u9S634N5zsU+r6jw9VzDVQ16tmqAO:70CB63Md++ga1kl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a49b3339240a64ff4477222e10ec457

Files

4a49b3339240a64ff4477222e10ec457
.exe windows:4 windows x86 arch:x86

3799a0ca509ea1b3df554076362b79ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StartDocA
CreateRoundRectRgn
GetCharWidth32W
CopyMetaFileA
GetPaletteEntries
GetViewportExtEx
OffsetViewportOrgEx

kernel32

LCMapStringA
HeapFree
EnumResourceNamesW
GetStdHandle
CreateMutexA
LeaveCriticalSection
GetCPInfo
GetStringTypeA
VirtualProtect
GetCommandLineW
SetLastError
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentThread
CompareStringA
GetCurrentProcess
GetLocaleInfoW
SetHandleCount
LCMapStringW
EnumSystemLocalesA
TlsAlloc
QueryPerformanceCounter
ReadFile
RtlUnwind
UnhandledExceptionFilter
FlushFileBuffers
EnterCriticalSection
CreateMailslotA
GetTickCount
TlsFree
GetFileType
GetTimeFormatA
GetModuleFileNameA
TransmitCommChar
GetEnvironmentStringsW
GetEnvironmentStrings
LoadLibraryA
IsValidLocale
MultiByteToWideChar
TlsSetValue
InitializeCriticalSection
OpenMutexA
CompareStringW
TerminateProcess
VirtualAlloc
WriteFile
SetEnvironmentVariableA
HeapReAlloc
SetConsoleCursorPosition
InterlockedExchange
GetCommandLineA
FindClose
CloseHandle
VirtualFree
GetModuleFileNameW
DeleteCriticalSection
HeapCreate
GetProcAddress
SetStdHandle
SetConsoleOutputCP
GetLocaleInfoA
WideCharToMultiByte
IsBadWritePtr
HeapSize
HeapDestroy
GetTimeZoneInformation
GetACP
IsValidCodePage
GetVersionExA
GetCurrentThreadId
GetLastError
VirtualQuery
TlsGetValue
ExitProcess
GetStringTypeW
GetDiskFreeSpaceA
GetDateFormatA
GetModuleHandleA
GetCurrentProcessId
CommConfigDialogA
GetOEMCP
GetStartupInfoW
GetUserDefaultLCID
HeapAlloc
SetLocalTime
GetSystemInfo
FreeEnvironmentStringsA
GetStartupInfoA
SetFilePointer

advapi32

RegRestoreKeyA
CryptEnumProvidersA
ReportEventA
CryptHashSessionKey
AbortSystemShutdownW
RegOpenKeyA
CryptSignHashA
CryptGetHashParam
RegEnumKeyExW
CreateServiceW
InitiateSystemShutdownA
RegSetValueW
GetUserNameA
RegEnumKeyW
CryptVerifySignatureW
RegCloseKey
RegQueryValueA
CryptImportKey
RegEnumKeyA
AbortSystemShutdownA
CryptCreateHash
CryptSetProviderExW
RegQueryInfoKeyW
RegEnumValueA

user32

SendIMEMessageExW
CreateWindowExA
GetUpdateRect
SendNotifyMessageA
RegisterClassA
RegisterClassExA
GetSysColor
SwitchDesktop
IsDlgButtonChecked
GetKeyboardLayoutNameW
CopyAcceleratorTableW

comctl32

InitCommonControlsEx

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3799a0ca509ea1b3df554076362b79ae

Headers

File Characteristics

Imports

gdi32

kernel32

advapi32

user32

comctl32

Sections

.text Size: 336KB - Virtual size: 335KB

.rdata Size: 52KB - Virtual size: 78KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 336KB - Virtual size: 335KB

.rdata
Size: 52KB - Virtual size: 78KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 13KB - Virtual size: 13KB