4a4ec6985b60b2ffbd6ca9beeb397944

Sharing

Copy URL Twitter E-mail

General

Target

4a4ec6985b60b2ffbd6ca9beeb397944
Size

187KB
MD5

4a4ec6985b60b2ffbd6ca9beeb397944
SHA1

239ed43ff1de8f69f97564b7d7024bcdb3527762
SHA256

e60f22b068f34534b0425b272867528c859c7d146f6f517907c03e48a2bae600
SHA512

2b180583bdd8de04bbc2090c3323863dfd126d2a315e9961356fab56af1ee2b1be160e84350b618ec600e12b4258964081684092459225dcecdf8bfad8f12fbd
SSDEEP

3072:NDvZlHqMPXgePR2FA9F1S7VlCnlASqCYlniL8t4xbpLtSlQj9mTtAB9co5Eri:NDvZlHNdRh1Sx0nOniL8t4xxtSlMG2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a4ec6985b60b2ffbd6ca9beeb397944

Files

4a4ec6985b60b2ffbd6ca9beeb397944
.exe windows:4 windows x86 arch:x86

9f821fdaa17ef557cff9c79ac0cdd35b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ImageList_Create
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Add
ImageList_Destroy

user32

SetClipboardData
WinHelpW
IsClipboardFormatAvailable
DefWindowProcW
EmptyClipboard
SetWindowsHookExW
SetWindowPos
DestroyCursor
CallNextHookEx
UnhookWindowsHookEx
SetScrollRange
DestroyIcon
ChildWindowFromPoint
RegisterClassW
DrawEdge
ClipCursor
ToAscii
GetSysColorBrush
MonitorFromWindow
GetSysColor

kernel32

CreateFiber
IsDBCSLeadByte
GetFileType
LocalAlloc
CompareStringW
SetCommConfig
LockFile
GetVersionExW
GetSystemTime
FlushFileBuffers
GetProfileStringW
EnumResourceNamesW
FileTimeToSystemTime
SearchPathW
FindResourceExA
GetVolumeInformationW
FlushFileBuffers
GetUserDefaultLangID
UnlockFile
GetFileTime
FileTimeToLocalFileTime
SetEndOfFile
GetFileAttributesA
VerLanguageNameW
GetSystemDirectoryW

ole32

StgOpenStorageOnILockBytes
CLSIDFromProgID
StringFromCLSID
OleDuplicateData
CoFreeUnusedLibraries
RegisterDragDrop
RevokeDragDrop
CoCreateGuid
CoCreateInstance
OleGetAutoConvert
OleRegGetUserType
CoTaskMemAlloc
GetHGlobalFromStream
CoTaskMemFree
CreateStreamOnHGlobal
ReleaseStgMedium
OleRun
CoGetClassObject
CLSIDFromString
CoGetMalloc
StgCreateDocfileOnILockBytes
ProgIDFromCLSID
GetHGlobalFromILockBytes
CreateILockBytesOnHGlobal

comdlg32

GetFileTitleA

rpcrt4

RpcBindingSetAuthInfoA
NdrClientCall
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcStringFreeA

shlwapi

PathIsURLW
PathIsRootW
PathStripToRootW
PathCanonicalizeW
PathIsRelativeW
PathCombineW

gdi32

GetBkColor
SetStretchBltMode
GetPath
SetTextColor
AnimatePalette
ExtCreatePen
CreateFontIndirectA
PolyBezier
CreatePen
StrokePath
PlgBlt
FlattenPath
GetBitmapBits
RoundRect
SetDIBits

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f821fdaa17ef557cff9c79ac0cdd35b

Headers

File Characteristics

Imports

comctl32

user32

kernel32

ole32

comdlg32

rpcrt4

shlwapi

gdi32

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 15KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 15KB

.lib
Size: 512B - Virtual size: 76KB