4bbaecfde2f90b61a00c842dd0c93b01

General

Target

4bbaecfde2f90b61a00c842dd0c93b01
Size

24KB
MD5

4bbaecfde2f90b61a00c842dd0c93b01
SHA1

ff8aff6f9c74354795ac8109ca80f3a804025c6f
SHA256

0fa20b8c2182dd956b185a02e9515b6a0d1d97aa4ebe904ea8f33a5a6ce47f3e
SHA512

b8833ee531fdc38f1d909663975d957f7bd9bda214990acb23467337ced33b3512f88da2205bb4979395195be12d2d58cf0e721f6cb5ec38791d16718f57f46b
SSDEEP

768:t++H7pwUSyr8fckrLBVEkzWm1vJWop066c1ALm:t+e7GUSyBgBVsm1vJWw6c11

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bbaecfde2f90b61a00c842dd0c93b01

Files

4bbaecfde2f90b61a00c842dd0c93b01
.exe windows:4 windows x86 arch:x86

eb5703b30479e7a018055a4ee6960b34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
lstrcmpiA
WaitForSingleObject
CreateProcessA
CloseHandle
WriteFile
GetTickCount
ExitThread
CreateFileA
GetLocaleInfoA
GetVersionExA
LoadLibraryA
GetProcAddress
GetModuleHandleA
GlobalUnlock
GlobalLock
GlobalAlloc
GetWindowsDirectoryA
InterlockedDecrement
ExpandEnvironmentStringsA
GetModuleFileNameA
ReleaseMutex
CreateMutexA
TerminateThread
GetFileAttributesA
CopyFileA
SetFileAttributesA
ExitProcess
GetLastError
GetTempPathA
LocalFree
WideCharToMultiByte
GetStartupInfoA
Sleep

user32

ShowWindow
FindWindowA
CloseClipboard
SetClipboardData
keybd_event
BlockInput
SetForegroundWindow
SetFocus
VkKeyScanA
OpenClipboard
EmptyClipboard

msvcrt

wcslen
strcpy
_CxxThrowException
rand
strchr
strcat
free
memcpy
memset
malloc
strncpy
strlen
_vsnprintf
??2@YAPAXI@Z
strcmp
strstr
srand
__CxxFrameHandler
_EH_prolog
_snprintf
strtok
memcmp
atoi
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
sprintf
??1type_info@@UAE@XZ

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eb5703b30479e7a018055a4ee6960b34

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

ole32

oleaut32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 275KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 275KB