4b8f2059d2f73d435ff905963a5f3072

Sharing

Copy URL Twitter E-mail

General

Target

4b8f2059d2f73d435ff905963a5f3072
Size

458KB
MD5

4b8f2059d2f73d435ff905963a5f3072
SHA1

e140fd14d74a4c6436929c8b15e1a8cb3160cd7d
SHA256

ffc95ddd1cbf6e4580a10de2aac5e3b04e5acc4b3bd316b824099cf18912272f
SHA512

afe5a1df65ddc10bf8d7f29612e78a741cf972f7dd292781cc7e12604e7a57f88d9c017bd989daa5e22cb0f5ae276a31bcc34b8e697fe89a64289025fe51eb79
SSDEEP

12288:SNmXC1bRq6L4/6pLjWSiG5peWrjqPfqokd7ElozM9:SYMbRq6M/cLjWSiUeBfPUKow

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b8f2059d2f73d435ff905963a5f3072

Files

4b8f2059d2f73d435ff905963a5f3072
.exe windows:4 windows x86 arch:x86

d338d812fc298ebf11620ca9e84a4e54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptVerifySignatureW
RegDeleteKeyW
RegQueryMultipleValuesA
LookupPrivilegeDisplayNameW
RegEnumKeyW
RegCreateKeyA
AbortSystemShutdownW
CryptSetKeyParam
RegSetValueExW
RegCreateKeyExW
AbortSystemShutdownA
InitializeSecurityDescriptor
RegOpenKeyA
LookupAccountNameW
RegOpenKeyExW
CryptDestroyKey
CryptGenKey
RegSetValueA
CryptDecrypt
CryptEnumProvidersA
RegEnumKeyA
CryptAcquireContextA
DuplicateToken
ReportEventA

kernel32

VirtualAlloc
GetCurrentThreadId
InitializeCriticalSection
SetHandleCount
FlushFileBuffers
FreeEnvironmentStringsA
GetStringTypeA
WideCharToMultiByte
GetSystemTime
OpenMutexA
GetCPInfo
GetProcAddress
TlsGetValue
EnterCriticalSection
HeapAlloc
GetStartupInfoA
LCMapStringA
CreateMutexA
GetLocalTime
VirtualFree
SetStdHandle
HeapReAlloc
SetLastError
GetOEMCP
GetCommandLineA
GetProcAddress
GetACP
InterlockedDecrement
WriteConsoleW
GetCurrentProcess
GetDriveTypeW
TerminateProcess
GetCurrentProcessId
CloseHandle
GetTickCount
GetEnvironmentStrings
QueryPerformanceCounter
SetFilePointer
DuplicateHandle
LCMapStringW
VirtualQuery
GetTimeZoneInformation
TlsSetValue
GetFileType
CreateNamedPipeA
ExitProcess
GetVersion
FreeEnvironmentStringsW
SetEnvironmentVariableA
ReadFile
LeaveCriticalSection
GetStringTypeW
GetEnvironmentStringsW
GetCurrentThread
HeapCreate
HeapFree
GlobalCompact
TlsAlloc
IsBadWritePtr
InterlockedExchange
RtlUnwind
UnhandledExceptionFilter
MultiByteToWideChar
GetModuleFileNameA
TlsFree
CompareStringW
LoadLibraryA
GetLastError
HeapDestroy
GetModuleHandleA
GetStdHandle
GetSystemTimeAsFileTime
CompareStringA
DeleteCriticalSection
WriteFile
InterlockedIncrement

comdlg32

LoadAlterBitmap
PageSetupDlgW
PrintDlgA

gdi32

SetPixel
GetMetaFileA
StartDocW
ExtFloodFill
PolyTextOutA
GetTextExtentPointW
GetCharWidthFloatA
GetLogColorSpaceW
PolyBezier
CheckColorsInGamut
GetICMProfileW
ModifyWorldTransform
CreateScalableFontResourceW
CombineRgn
AngleArc
GetBitmapBits
GetAspectRatioFilterEx
SetColorSpace
SetMiterLimit
SetLayout
SetGraphicsMode
GetCharABCWidthsW
GetCurrentObject
GetCharABCWidthsFloatA

wininet

InternetReadFile
FtpSetCurrentDirectoryA
FindFirstUrlCacheEntryExW
HttpAddRequestHeadersA
RunOnceUrlCache
FtpGetFileEx
InternetTimeFromSystemTimeA

user32

CreateWindowExA
SetWindowWord
OpenWindowStationW
SetCaretPos
SetDeskWallpaper
GetCapture
RegisterClassExA
RegisterClassA
DefMDIChildProcW
DefWindowProcW
MapVirtualKeyA

comctl32

InitCommonControlsEx

Sections

.text
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d338d812fc298ebf11620ca9e84a4e54

Headers

File Characteristics

Imports

advapi32

kernel32

comdlg32

gdi32

wininet

user32

comctl32

Sections

.text Size: 290KB - Virtual size: 289KB

.rdata Size: 52KB - Virtual size: 79KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 290KB - Virtual size: 289KB

.rdata
Size: 52KB - Virtual size: 79KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 12KB - Virtual size: 11KB