4b5ca3df8fee1c5ba31260e505451e91

Sharing

Copy URL Twitter E-mail

General

Target

4b5ca3df8fee1c5ba31260e505451e91
Size

373KB
MD5

4b5ca3df8fee1c5ba31260e505451e91
SHA1

8e856e60607be28660cdf893bf21d8b29ddc2783
SHA256

3d5b5bdd3db3338039604eab988cc57fbdba6fda546bcd48c87922119be865d9
SHA512

20ed2a9dcd7c0a4bb0988f682169b6138ba2f260408ce25c539800895217bc015b0779dd2ff0f544d7eb212031cb58f7d057573ecccb735ee326119850282739
SSDEEP

6144:V8rha1Rcl09VYqMDV4zdy7HMC1uflncOG5WIFaW92F:VShuj9Fuizdksf9GD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b5ca3df8fee1c5ba31260e505451e91

Files

4b5ca3df8fee1c5ba31260e505451e91
.exe windows:4 windows x86 arch:x86

df6a00cc771a6b232daa938c213ec488

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA
GetFileTitleA

gdi32

CreatePen
EnumFontFamiliesExW
GetSystemPaletteUse
GetTextMetricsA
PtVisible
GetArcDirection

user32

DefFrameProcW
ShowWindow
DestroyWindow
DdeKeepStringHandle
GetInputDesktop
GetClientRect
RegisterClassA
MessageBoxW
EnumPropsA
TileWindows
CreateWindowExW
GetWindowTextLengthW
GetWindowThreadProcessId
DdeFreeDataHandle
DdeInitializeA
SetWinEventHook
EnumDisplaySettingsExW
LoadImageA
DrawFrame
wvsprintfA
RemoveMenu
MessageBoxIndirectA
DefWindowProcW
CharNextA
ShowCaret
DdeAccessData
OpenWindowStationW
RegisterClassExA
SendNotifyMessageA
GetParent
LoadMenuA
EnumDesktopWindows
IsClipboardFormatAvailable

shell32

SHQueryRecycleBinA
ExtractAssociatedIconW
SHBrowseForFolderA
ExtractAssociatedIconExA
SHGetFileInfoA

wininet

InternetOpenUrlA
InternetFortezzaCommand
FtpGetFileA
RetrieveUrlCacheEntryStreamA
InternetTimeToSystemTimeW
InternetGetCertByURLA
GopherCreateLocatorA
RetrieveUrlCacheEntryStreamW
InternetDial

kernel32

HeapCreate
GetSystemDefaultLangID
GetCommandLineA
SystemTimeToFileTime
GetDateFormatW
WriteProfileStringA
IsValidLocale
GetCurrentProcessId
CloseHandle
EnumSystemLocalesA
UnhandledExceptionFilter
GetSystemInfo
SetConsoleCP
GetModuleHandleA
OpenMutexA
FreeLibraryAndExitThread
WriteFile
FreeEnvironmentStringsW
CreateFileMappingA
SetEnvironmentVariableA
MultiByteToWideChar
GetCurrentThreadId
lstrcpyA
VirtualQuery
GetEnvironmentStrings
GetTempPathA
CreateMutexA
CompareStringA
GetStringTypeA
GetMailslotInfo
GetACP
LeaveCriticalSection
FlushFileBuffers
TlsGetValue
LCMapStringA
LoadModule
GetDateFormatA
DeleteCriticalSection
CompareStringW
ResumeThread
GetTempPathW
RtlUnwind
VirtualFree
GetUserDefaultLCID
VirtualAlloc
VirtualProtect
FreeEnvironmentStringsA
SetLastError
GetModuleFileNameA
QueryPerformanceCounter
GetCommandLineW
CreateFileA
GetTickCount
HeapFree
HeapReAlloc
GetEnvironmentStringsW
GetStdHandle
LoadLibraryA
SetStdHandle
GetProcAddress
EnterCriticalSection
IsBadWritePtr
lstrcpyn
GetFileType
EnumSystemLocalesW
InitializeCriticalSection
TlsSetValue
GetCPInfo
SetFilePointer
GetTimeZoneInformation
HeapLock
GetSystemTimeAsFileTime
LCMapStringW
VirtualAllocEx
GetVersionExA
HeapSize
WideCharToMultiByte
GetTimeFormatA
GetOEMCP
FileTimeToSystemTime
GetCurrentThread
TlsAlloc
ReadFile
WaitForSingleObjectEx
GetLocaleInfoW
GetLocaleInfoA
GlobalHandle
GetCurrentProcess
SetHandleCount
GetStringTypeW
ExitProcess
GetStartupInfoA
GetLastError
ResetEvent
TerminateProcess
IsValidCodePage
HeapAlloc
TlsFree
InterlockedExchange
HeapDestroy

comctl32

ImageList_DrawEx
InitCommonControlsEx
CreateMappedBitmap
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_DragMove
ImageList_SetBkColor
ImageList_GetFlags
CreatePropertySheetPageW

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df6a00cc771a6b232daa938c213ec488

Headers

File Characteristics

Imports

comdlg32

gdi32

user32

shell32

wininet

kernel32

comctl32

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 133KB - Virtual size: 133KB

.data Size: 93KB - Virtual size: 107KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 133KB - Virtual size: 133KB

.data
Size: 93KB - Virtual size: 107KB

.rsrc
Size: 14KB - Virtual size: 14KB