4b0af1b0c73d1be2453ed7a674d05fa9

Sharing

Copy URL Twitter E-mail

General

Target

4b0af1b0c73d1be2453ed7a674d05fa9
Size

124KB
MD5

4b0af1b0c73d1be2453ed7a674d05fa9
SHA1

1cf72a82f28e6b6add896d392f615bb7d118ed1b
SHA256

91f5606bc0208d57f4283707d49dbef10a71e1a4fc2aaf0298bdc54b70c6fb3e
SHA512

6ca7b3c96ba9e50ada4aa75ae4acf129124c8d161d87c0e5a7dca388837a0e031b24579b7268041316b43598700d4db53ab1ff983a2d6e92ad1b6c425db071d3
SSDEEP

3072:guSul/DSQq8atdZVVXWU4+mw3ecqLQcV8ly:h7SQq8aZmc53ecEQcVAy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b0af1b0c73d1be2453ed7a674d05fa9

Files

4b0af1b0c73d1be2453ed7a674d05fa9
.exe windows:4 windows x86 arch:x86

64922e22a065c8a2ba9dad2da45af2e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AppendMenuA
IsWindow
DrawTextA
DrawIconEx
IsMenu
GetWindowTextA
DialogBoxParamW
GetDC
GetCursor
DialogBoxParamA
CloseWindow
DrawIcon
LoadCursorA
GetMenu
CreateIcon
CopyImage

advapi32

RegOpenKeyExW
RegCreateKeyW
RegEnumKeyExA
RegDeleteKeyW
RegLoadKeyW
RegOpenKeyExA
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExA
RegGetKeySecurity
RegLoadKeyA
RegQueryValueA
RegDeleteValueA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueW
RegEnumKeyW
RegQueryInfoKeyA

comctl32

ImageList_DrawEx
ImageList_DrawIndirect
ImageList_LoadImage
ImageList_Merge
ImageList_Draw
ImageList_Replace
ImageList_BeginDrag
ImageList_LoadImageW
ImageList_DragMove
ImageList_AddMasked
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_AddIcon
ImageList_DragEnter
ImageList_Create

kernel32

GetFileTime
GetConsoleMode
GetLastError
CopyFileA
GetStdHandle
GlobalFree
OpenFile
GetCommandLineA
GetFileSize
WriteFile
Sleep
ReadConsoleA
ExitThread
FindAtomA
OpenFileMappingA
GetCPInfo
CopyFileW
SetLastError

gdi32

BeginPath
GetClipBox
CopyMetaFileA
DeleteObject
AddFontResourceExA
GetPixel
AddFontMemResourceEx
CloseFigure
ExtTextOutA
AbortPath
CloseMetaFile
GetDCOrgEx
GetBitmapBits
GetCurrentPositionEx
AddFontResourceA
DeleteDC

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 104KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64922e22a065c8a2ba9dad2da45af2e1

Headers

File Characteristics

Imports

user32

advapi32

comctl32

kernel32

gdi32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 104KB - Virtual size: 137KB

.reloc Size: - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 104KB - Virtual size: 137KB

.reloc
Size: - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB