4ad1a698496f0a00b1a7590cfa2e6380

Sharing

Copy URL Twitter E-mail

General

Target

4ad1a698496f0a00b1a7590cfa2e6380
Size

537KB
MD5

4ad1a698496f0a00b1a7590cfa2e6380
SHA1

484ad588e7cbd15a126a7e852f1aef302b097f98
SHA256

ec9205629aaf1d243917d12cd9bac47e8048507b0b9392517f8e6a451d0f6eb6
SHA512

616865f47601777dfbca378da22ab04cc415d2401509b9ea239da4efb82013545b0e4c413c741cd5fc06c161b8a7509a7cbbd8b64076850a67a07eec4cfcb4aa
SSDEEP

12288:ohErnu+YXyOufIMMlFaJrvHRef+GxuSxpU3D7gtZRjeq:AE6+tOufIMMIzHRef+GxrpU3DWZRjeq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ad1a698496f0a00b1a7590cfa2e6380

Files

4ad1a698496f0a00b1a7590cfa2e6380
.exe windows:4 windows x86 arch:x86

923a9999d3a210cd1ce749cf258ba6f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

WindowFromPoint
RegisterClassExA
DefWindowProcA
SetWindowContextHelpId
ChangeMenuA
GetWindowLongA
GetKeyboardLayout
CreateWindowExW
RegisterClassA
AppendMenuA
SetMenu
ShowWindow
CreateDialogIndirectParamW
CreateDialogParamW
MessageBoxW
CharPrevW
GetSubMenu
DestroyWindow

advapi32

CryptEnumProviderTypesW
CryptGetUserKey
InitializeSecurityDescriptor
CryptDecrypt
RegEnumKeyExA

shell32

SHQueryRecycleBinA
SHGetNewLinkInfo
SHGetSpecialFolderPathW

comctl32

CreatePropertySheetPageW
ImageList_LoadImageA
ImageList_GetImageRect
CreateStatusWindowW
ImageList_Draw
ImageList_Write
ImageList_SetIconSize
ImageList_GetIconSize
InitCommonControlsEx
CreatePropertySheetPage
ImageList_Add
CreateToolbarEx

kernel32

TlsAlloc
CreateMutexA
EnumSystemLocalesA
InitializeCriticalSection
GetOEMCP
WriteProfileSectionA
TlsSetValue
IsValidCodePage
HeapReAlloc
ReadFile
WideCharToMultiByte
RtlUnwind
HeapFree
GetStartupInfoA
GetCurrentThread
EnumSystemCodePagesA
SetLastError
DeleteCriticalSection
CompareStringW
OpenMutexA
VirtualAlloc
GetStringTypeA
GetCommandLineA
LoadLibraryA
GetStringTypeW
LCMapStringW
SetVolumeLabelW
SetStdHandle
CompareStringA
GlobalUnfix
GetModuleHandleA
MultiByteToWideChar
EnumDateFormatsA
GetModuleFileNameA
LCMapStringA
GetACP
GetEnvironmentStringsW
LocalUnlock
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
GetVersionExA
GetEnvironmentStrings
GetTimeZoneInformation
GetCPInfo
GetTickCount
GetCurrentProcessId
FlushInstructionCache
GetDateFormatA
SetFilePointer
GetProcAddress
lstrcmpiA
SetEnvironmentVariableA
GetStdHandle
QueryPerformanceCounter
GetSystemInfo
UnhandledExceptionFilter
VirtualFree
HeapCreate
SystemTimeToTzSpecificLocalTime
SetHandleCount
GetTimeFormatA
GetFileType
TlsGetValue
WriteConsoleOutputCharacterW
GetCurrentThreadId
HeapAlloc
FreeEnvironmentStringsA
IsBadWritePtr
HeapSize
FlushFileBuffers
VirtualProtect
EnterCriticalSection
HeapDestroy
WaitNamedPipeA
GetSystemTimeAsFileTime
LeaveCriticalSection
GetLastError
InterlockedExchange
TerminateProcess
CloseHandle
TlsFree
WaitForSingleObject
FreeEnvironmentStringsW
ExitProcess
VirtualQuery
GetLocaleInfoA
SetConsoleWindowInfo
WriteFile
GetCurrentProcess

Sections

.text
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

923a9999d3a210cd1ce749cf258ba6f7

Headers

File Characteristics

Imports

user32

advapi32

shell32

comctl32

kernel32

Sections

.text Size: 356KB - Virtual size: 355KB

.rdata Size: 56KB - Virtual size: 68KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 356KB - Virtual size: 355KB

.rdata
Size: 56KB - Virtual size: 68KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 21KB - Virtual size: 21KB