4b52a0604daa9f3761e085b9e0c02f7c

Sharing

Copy URL Twitter E-mail

General

Target

4b52a0604daa9f3761e085b9e0c02f7c
Size

205KB
MD5

4b52a0604daa9f3761e085b9e0c02f7c
SHA1

895e8f415e62b2b072e948320040d7c0aba87ce4
SHA256

c6174bbfc726a235c140f32ecac171cf6886ada1c5a1489f7457191874663ccf
SHA512

c2798925077cd279ef72513dc28d951a3d30620732bff9eca9b70bef2602d35c46c878d6023040ff7ed1e8d300a9e5eb5c60671591534599a3536ca05b1f3daf
SSDEEP

3072:bYTQkMiHb3yTvWBPWCb80VgFOZ0GNLpmi0gHQBmLQ5zKG2UTyem0iLPT/obpSaZ0:EyO3BPW0V/IgHQBmLoOGRv5i3USV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b52a0604daa9f3761e085b9e0c02f7c

Files

4b52a0604daa9f3761e085b9e0c02f7c
.dll windows:4 windows x86 arch:x86

6c628287a7b4b73148128f1347021149

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetMenuStringA
wsprintfA
GetClassNameA
MapVirtualKeyA
SetActiveWindow
GetMenuItemID
SetParent
IsZoomed
RedrawWindow
ActivateKeyboardLayout
DrawEdge
GetSysColor
AdjustWindowRectEx
GetActiveWindow
DrawIcon
SetScrollPos
LoadKeyboardLayoutA
DrawMenuBar
DefFrameProcA
CallNextHookEx
DestroyWindow
GetKeyboardState
GetKeyNameTextA
PeekMessageW
MsgWaitForMultipleObjects
PostQuitMessage
ShowWindow
EnableWindow
InsertMenuItemA
ClientToScreen
DrawIconEx
SetCursor

gdi32

GetDCOrgEx
CreatePalette
GetCurrentPositionEx

shell32

SHGetDiskFreeSpaceA
SHGetFolderPathA
SHGetFileInfoA

advapi32

RegDeleteKeyA
RegOpenKeyA

ole32

CoTaskMemFree
StringFromIID
WriteClassStm
ReleaseStgMedium
StgCreateDocfileOnILockBytes
OleRegGetUserType
CoUninitialize
CLSIDFromString

kernel32

InitializeCriticalSection
GetCurrentThread
FindClose
GetDateFormatA
GetVersion
LoadLibraryExA
RaiseException
LockResource
VirtualFree
SetEndOfFile
SetLastError
VirtualAllocEx
GetLastError
FindResourceA
DeleteFileA
LocalAlloc
GetEnvironmentStrings
ResetEvent
ExitProcess
WaitForSingleObject
CloseHandle
ExitThread
GetModuleFileNameA
GetModuleHandleA
lstrcpyA
HeapFree
LoadResource
GetCommandLineA
lstrlenA
DeleteCriticalSection
GetProcessHeap
WriteFile
lstrcmpiA
GetStringTypeA
FreeLibrary
EnterCriticalSection
GetDiskFreeSpaceA
GetVersionExA
GetCPInfo
GetLocalTime
GetStdHandle
LoadLibraryA
MoveFileExA

oleaut32

SafeArrayGetUBound
RegisterTypeLib
VariantCopyInd
OleLoadPicture
SysStringLen
SysAllocStringLen
SysReAllocStringLen
GetErrorInfo
SafeArrayUnaccessData
VariantChangeType

msvcrt

wcscspn
memcmp
tan
log10
pow
sprintf
memcpy
strcmp

comctl32

ImageList_Read
ImageList_DragShowNolock
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_Create

Sections

CODE
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 315B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c628287a7b4b73148128f1347021149

Headers

File Characteristics

Imports

user32

gdi32

shell32

advapi32

ole32

kernel32

oleaut32

msvcrt

comctl32

Sections

CODE Size: 28KB - Virtual size: 27KB

.data Size: 1024B - Virtual size: 112KB

.bss Size: 174KB - Virtual size: 173KB

.tls Size: 512B - Virtual size: 315B

.reloc Size: 512B - Virtual size: 52B

CODE
Size: 28KB - Virtual size: 27KB

.data
Size: 1024B - Virtual size: 112KB

.bss
Size: 174KB - Virtual size: 173KB

.tls
Size: 512B - Virtual size: 315B

.reloc
Size: 512B - Virtual size: 52B