4b2485645df255340d3eaa97ba4bd9b5

Sharing

Copy URL

Twitter E-mail

General

Target

4b2485645df255340d3eaa97ba4bd9b5
Size

552KB
MD5

4b2485645df255340d3eaa97ba4bd9b5
SHA1

d01d2c3c1c09b1ddef29021f6b5f1db9f83f48ae
SHA256

5d767f4795f8f990ffda12c610455e74ca8525bd4a4e16e48ae96e41b3583479
SHA512

05360ef120f98a25e18e6622aeb8e81996f669235353d5e2933928e80d4d614cd11d1066d6346743163f359920ef986f411ba8eab537ce9b67f041890c314dc9
SSDEEP

12288:j0i/xy0hoAxczh/pcGeB0UsdXpC30svCGkvIWk1Gus9c1h:j0i/nTxcVI0UsZqsGkv0gc1h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b2485645df255340d3eaa97ba4bd9b5

Files

4b2485645df255340d3eaa97ba4bd9b5
.exe windows:5 windows x86 arch:x86

5d694ea6fef903e211de4fbd21739e8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize

kernel32

Sleep
GetStringTypeA
HeapFree
DeleteFileA
LoadResource
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GlobalFree
GlobalAlloc
SetLastError
QueryPerformanceCounter
ReadFile
DeleteCriticalSection
FindNextFileA
InitializeCriticalSection
LeaveCriticalSection
TerminateProcess
HeapDestroy
SetEvent
WriteConsoleA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetCPInfo
EnterCriticalSection
FreeEnvironmentStringsW
CloseHandle
CreateEventA
WriteFile
GlobalUnlock
InterlockedIncrement
LocalFree
GetVersionExA
SetEndOfFile
FindClose
FreeEnvironmentStringsA
SetHandleCount
SetErrorMode
UnmapViewOfFile
FreeLibrary
LoadLibraryA
VirtualAlloc
GetSystemDirectoryA
VirtualFree
SetUnhandledExceptionFilter
DuplicateHandle
CreateProcessA
HeapReAlloc
CreateDirectoryA
GetStdHandle
GetCurrentProcess
GetProcessHeap
CompareStringA
GetLocaleInfoA
GetOEMCP
LCMapStringA
InterlockedExchange
RaiseException
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
MulDiv
TlsAlloc
GetACP
TlsSetValue
TlsGetValue
GetEnvironmentVariableA
GetVersion
GetCommandLineA
LoadLibraryW
ResetEvent
FindFirstFileW
GetConsoleCP
IsDebuggerPresent
FlushFileBuffers
HeapCreate
GetCurrentProcessId
HeapAlloc
FormatMessageA
GetFileAttributesA
GetCurrentThreadId
SizeofResource
CreateFileW
CreateFileA
GetLastError
SetFilePointer
GetFullPathNameA
GetFileSize
CreateThread
WaitForSingleObject
MapViewOfFile
HeapSize
GetEnvironmentStringsW
InterlockedDecrement
ExitProcess
GetModuleFileNameA
GetEnvironmentStrings
GetFileType
RtlUnwind
GetStringTypeW

user32

ShowWindow
KillTimer
DestroyWindow
InvalidateRect
SystemParametersInfoA
IsWindowVisible
IsIconic
SetCursor
LoadCursorA
SetWindowPos
TranslateMessage
DefWindowProcA
ScreenToClient
SetForegroundWindow
GetWindowLongA
IsWindowEnabled
EnableMenuItem
GetClientRect
SetFocus
RegisterClassA
LoadStringA
GetSysColor
GetSystemMetrics
FillRect
GetDC
GetWindowRect
GetParent
GetDlgItem
PostQuitMessage
UpdateWindow
DispatchMessageA
GetMessageA
SetTimer
CreateWindowExA
RegisterClassExA
LoadIconA

advapi32

RegCloseKey
RegQueryValueExW
RegQueryValueExA
RegCreateKeyExA

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 488KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d694ea6fef903e211de4fbd21739e8b

Headers

File Characteristics

Imports

ole32

kernel32

user32

advapi32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 488KB - Virtual size: 490KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 488KB - Virtual size: 490KB