4a914bf7190a1e860784dd318f5a32b5

Sharing

Copy URL Twitter E-mail

General

Target

4a914bf7190a1e860784dd318f5a32b5
Size

347KB
MD5

4a914bf7190a1e860784dd318f5a32b5
SHA1

fae6b8ad73e74629fd21b8e914cc33253daaf155
SHA256

e647533e008c304eb471d1fc0f0bf11678c96b7835566419fc20c012f82fb7d8
SHA512

8f632857ab3ddcf9e89f3cd7df52608305a1fa9e3e2cfa0afa7c43dc89a7043c58ff24c669baab1e8ca031a2e24773328c46a6bfa6208146632b6ef5f78205a4
SSDEEP

6144:QSThe+IAHNlTIPlQxZSdB4NeoiYQkPxP4+Lqsvmkz06PsWW+RDaoneHrIsf:BTh9HPaQGgEIQkPxAoq+7DaoeLI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a914bf7190a1e860784dd318f5a32b5

Files

4a914bf7190a1e860784dd318f5a32b5
.exe windows:4 windows x86 arch:x86

d04bb0df188ec0fae403bb28e295b920

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
log10
memcpy
fopen
fseek
fclose
sprintf
strcmp
strncmp

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
LoadLibraryA
GetProcAddress
FreeLibrary
HeapAlloc
HeapFree
GetCurrentThreadId
GetCurrentProcessId
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc

ole32

RevokeDragDrop

gdi32

GetStockObject
SetTextColor
SetBkColor
CreateSolidBrush
DeleteObject

comctl32

InitCommonControls
InitCommonControlsEx

user32

BeginPaint
EndPaint
DefWindowProcA
LoadIconA
RegisterClassExA
CreateWindowExA
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
GetWindow
GetWindowLongA
SendMessageA
SetWindowLongA
ValidateRect
CallWindowProcA
GetWindowRect
GetParent
MapWindowPoints
InvalidateRect
GetSysColor
GetSysColorBrush
SetWindowPos
MoveWindow
RedrawWindow
DestroyWindow
RemovePropA
SetPropA
GetPropA
PostMessageA
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
LoadCursorA
RegisterClassA
AdjustWindowRect
GetSystemMetrics
GetActiveWindow
ShowWindow
CreateAcceleratorTableA
PeekMessageA
MsgWaitForMultipleObjects
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
ScreenToClient
GetClientRect
GetMenu
AdjustWindowRectEx
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
GetKeyState
SetCapture
GetCursorPos
ReleaseCapture
FillRect
EnumChildWindows
SetFocus
GetFocus
IsChild
GetClassNameA

shell32

ShellExecuteA

Sections

.code
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 327KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d04bb0df188ec0fae403bb28e295b920

Headers

File Characteristics

Imports

crtdll

kernel32

ole32

gdi32

comctl32

user32

shell32

Sections

.code Size: 2KB - Virtual size: 2KB

.text Size: 14KB - Virtual size: 14KB

.data Size: 327KB - Virtual size: 328KB

.rsrc Size: 2KB - Virtual size: 1KB

.code
Size: 2KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 327KB - Virtual size: 328KB

.rsrc
Size: 2KB - Virtual size: 1KB