4ad14eb8dcd35b9a63c44548d3b28541

General

Target

4ad14eb8dcd35b9a63c44548d3b28541
Size

429KB
MD5

4ad14eb8dcd35b9a63c44548d3b28541
SHA1

661638a79834f02eaf13aadbe74dd0ad713ec5eb
SHA256

d426ee4fe275af618e7569cbd3637d2246b31890140459ecd93b3ae83d9bf5e5
SHA512

8aaa8d5f128947253ae9039ca15e422c29cdbd68af297a4d5a4c488c361e27a145166de1a35284b01663dc4408a2ca3ea36f969eb57ea17a9893c7b51eceeccc
SSDEEP

12288:5XY7BqK4TOZEULlGjfX2xnLto9A+4TKBhP:5o7N4T4LkQC9cTKBN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ad14eb8dcd35b9a63c44548d3b28541

Files

4ad14eb8dcd35b9a63c44548d3b28541
.exe windows:4 windows x86 arch:x86

b0c60afeb1e3416f84cc6004acddddd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetMetaRgn
DeleteColorSpace
PathToRegion
SetICMMode
GetRgnBox
StretchBlt
GetEnhMetaFileHeader
GetTextExtentPointW
GetMetaFileBitsEx
SetBkMode
PlgBlt
GetObjectA

user32

GetWindowThreadProcessId
GetMenuItemInfoW
IsCharAlphaW
SetClassWord
DdeQueryStringA
ShowScrollBar
DrawTextExA
TranslateAccelerator
GetWindowRgn
GetWindowLongA
SetParent
EnumDesktopsA
SetCaretPos

ole32

OleGetClipboard
OleIsCurrentClipboard
WriteOleStg
WdtpInterfacePointer_UserMarshal
OleGetAutoConvert
OleDuplicateData

msvcrt

_yn
_lseek
_wcsrev
_mbsbtype
_pipe
_mbsnextc
sprintf
_stat
_ltow
iswdigit
_fgetwchar
_mbsnbcnt
ftell
_endthread
__p__environ

kernel32

LCMapStringA
lstrcmpiW
LoadResource
CompareStringA
OutputDebugStringA
lstrcmpA
InterlockedDecrement
GetModuleHandleA
InitAtomTable
FileTimeToLocalFileTime
lstrcmpW
RemoveDirectoryW
lstrlenA
SetCommMask
ReadConsoleInputW
lstrcmpiA
GetSystemTime
GetLocalTime
GetModuleHandleW
Sleep
GetStartupInfoW
SetFileAttributesA
GetDiskFreeSpaceExW
HeapUnlock
VirtualFree
lstrlenW
VirtualAlloc
GetPrivateProfileSectionNamesA
ExitProcess
GetShortPathNameW
EnumSystemCodePagesA
HeapLock
VerLanguageNameA

Sections

.text
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tbl
Size: 86KB - Virtual size: 438KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.veov
Size: 337KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0c60afeb1e3416f84cc6004acddddd8

Headers

File Characteristics

Imports

gdi32

user32

ole32

msvcrt

kernel32

Sections

.text Size: 4KB - Virtual size: 5KB

.tbl Size: 86KB - Virtual size: 438KB

.veov Size: 337KB - Virtual size: 548KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 5KB

.tbl
Size: 86KB - Virtual size: 438KB

.veov
Size: 337KB - Virtual size: 548KB

.reloc
Size: 1024B - Virtual size: 1KB