4abf41bcad5cc9db927afc5c8dbaa5d9

Sharing

Copy URL Twitter E-mail

General

Target

4abf41bcad5cc9db927afc5c8dbaa5d9
Size

694KB
MD5

4abf41bcad5cc9db927afc5c8dbaa5d9
SHA1

07c8cbb4486a6aeca267b95d9760626988108116
SHA256

77e375be4ba3b836984674b341c3212fe3d19d0771f37e26277b02229492750f
SHA512

df4db2e1f1214e03ac1f44250df76d8ab9289a5ef19919b333212c47c86fdea29f8e2521ff7237bc7dc955e3c1836a9d2b09b58dd7e75322a3fdacdd4124cd75
SSDEEP

12288:2IdSxZzF2XaOD6Whc2bo68lcgGFor/wF8h2OZ7tDjOLnP/8b:2WSjZ2qq6WhnoZ7GFor/Lhf7t3OzX+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4abf41bcad5cc9db927afc5c8dbaa5d9

Files

4abf41bcad5cc9db927afc5c8dbaa5d9
.exe windows:4 windows x86 arch:x86

0fe9323aaebf72e7e7f04cd4bf069177

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

msvcrt

__p__fmode
_mbscmp
__set_app_type
wcslen
_except_handler3
malloc
memmove
__setusermatherr
_ftol
_exit
_initterm
_adjust_fdiv
free
__getmainargs
exit
sprintf
rename
_controlfp
_acmdln
wcscpy
__dllonexit
_onexit
??1exception@@UAE@XZ
_mbsstr
__CxxFrameHandler
printf
_XcptFilter
__p__commode
_mbsnbcpy
??1type_info@@UAE@XZ
_setmbcp

kernel32

RemoveDirectoryA
GetLastError
SetFileAttributesA
SearchPathA
Sleep
CreateFileA
OpenProcess
SetProcessShutdownParameters
Process32Next
GetVersion
CreateProcessA
lstrcatA
CreateSemaphoreA
FindFirstFileA
FreeLibrary
FindNextFileA
LoadLibraryA
FindResourceA
CreateToolhelp32Snapshot
GetFileSize
GetVersionExA
Process32First
GetModuleHandleA
ReadFile
lstrlenA
DeleteFileA
GetDriveTypeA
ExitProcess
Module32First
GetFileAttributesA
LockResource
TerminateProcess
CloseHandle
SetFilePointer
GetModuleFileNameA
GetPrivateProfileStringA
GetTempPathA
lstrcpyA
WritePrivateProfileStringA
lstrcmpiA
CreateDirectoryA
GetLogicalDrives
LoadResource
GetCurrentProcess
GetWindowsDirectoryA
DeviceIoControl
WriteFile
lstrlenW
GetCPInfo
Module32Next
WinExec
GetStartupInfoA
FindClose

comctl32

ImageList_Draw
ImageList_GetImageCount
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_GetIcon
ImageList_AddMasked

shell32

ShellExecuteA
SHEmptyRecycleBinA
Shell_NotifyIconA
ShellExecuteExA
SHGetSpecialFolderPathA

wininet

FindCloseUrlCache
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry

user32

AppendMenuA
GetMessagePos
DrawFocusRect
GetPropA
GetDesktopWindow
GetSubMenu
GetWindowLongA
LoadImageA
GetMenuItemID
TabbedTextOutA
SendMessageA
EnumWindowStationsA
DrawIconEx
OffsetRect
LoadCursorA
IsMenu
GetParent
GetWindow
GetSysColorBrush
GetActiveWindow
IsWindow
CopyIcon
ShowWindow
ReleaseDC
SetPropA
LoadMenuA
CreatePopupMenu
WindowFromPoint
GetMenuItemCount
ScreenToClient
DrawEdge
FrameRect
GetLastActivePopup
PtInRect
CreateMenu
SetRect
SetTimer
MessageBeep
KillTimer
FindWindowA
SetCursor
EnableWindow
GrayStringA
GetWindowRect
ExitWindowsEx
GetCursorPos
ModifyMenuA
RegisterWindowMessageA
DrawIcon
GetMenuState
DestroyIcon
DrawTextA
GetDC
GetNextDlgTabItem
ClientToScreen
FillRect
SetMenuDefaultItem
InvalidateRect
GetClientRect
IsIconic
GetMenuItemInfoA
SetWindowLongA
SystemParametersInfoA
CopyRect
GetIconInfo
GetSystemMetrics
RemovePropA
InflateRect
SetForegroundWindow
LoadBitmapA
CreateIconIndirect
GetSysColor
PostMessageA
GetMenuStringA
DrawStateA
wsprintfA
DestroyCursor
LoadIconA

version

GetFileVersionInfoA

gdi32

CreateCompatibleBitmap
GetBkMode
CreateCompatibleDC
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateBitmap
DeleteObject
CreatePen
GetPixel
BitBlt
DeleteDC
ExtTextOutA
CreateSolidBrush
CreateFontIndirectA
SetTextColor
PatBlt
GetDeviceCaps
SetPixel
TextOutA
Escape
GetObjectA
CreateFontA
SelectObject
Ellipse
GetStockObject
PtVisible
SetBkColor
RectVisible
CreateDIBSection

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 347KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.strings
Size: 5KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fe9323aaebf72e7e7f04cd4bf069177

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

shell32

wininet

user32

version

gdi32

Sections

.text Size: 336KB - Virtual size: 335KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 347KB - Virtual size: 346KB

.strings Size: 5KB - Virtual size: 696KB

.text
Size: 336KB - Virtual size: 335KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 347KB - Virtual size: 346KB

.strings
Size: 5KB - Virtual size: 696KB