4bb2ce13e56a80f6e2e38868e44a5f04

Sharing

Copy URL Twitter E-mail

General

Target

4bb2ce13e56a80f6e2e38868e44a5f04
Size

467KB
MD5

4bb2ce13e56a80f6e2e38868e44a5f04
SHA1

fdaf603e4fdcd0f676afc5a610e3e9c9458965f1
SHA256

7f5d12f82066042a486cce1203321712d933e895b8579b9d9369d2180f918043
SHA512

37e1d167bc9758a7db58b1e51a3217ffb05cc422005c991c21fce25e397b146f1254f1cb25bdaee07d16d29ab578a3506838abd9e83b54be4647d1358bfdc66c
SSDEEP

6144:Ogn9q/QBUFg4KPnszBgCkOBveDMKHrx4X57DVTpLV3xZEd90Q6nQRgzN2qDIbQAL:n9qRFOEvPweVHYr0Qyn2sMCzYUy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bb2ce13e56a80f6e2e38868e44a5f04

Files

4bb2ce13e56a80f6e2e38868e44a5f04
.exe windows:4 windows x86 arch:x86

487c6115c7d05639b1721b90664f781b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
CreateMutexA
SetConsoleCP
GetStartupInfoA
GetModuleHandleA
IsValidLocale
EnumResourceTypesA
SetSystemTime
OutputDebugStringA
GetACP
HeapDestroy
TlsFree
HeapFree
GetStringTypeW
FlushInstructionCache
GetStdHandle
GetProcAddress
SetHandleCount
FreeEnvironmentStringsA
LoadLibraryA
QueryPerformanceCounter
FlushFileBuffers
GetSystemTimeAsFileTime
InterlockedIncrement
GlobalReAlloc
UnhandledExceptionFilter
WritePrivateProfileStringW
GetEnvironmentStringsW
GetCPInfo
InitializeCriticalSection
SetConsoleWindowInfo
GetEnvironmentStrings
CloseHandle
TerminateProcess
WriteProfileStringW
DeleteCriticalSection
HeapReAlloc
CompareStringW
ReadConsoleOutputA
OpenMutexA
SetStdHandle
InterlockedExchange
GetCurrentProcessId
EnumResourceTypesW
EnterCriticalSection
GetFileType
GetLocalTime
TlsGetValue
WriteConsoleInputW
TlsSetValue
VirtualLock
VirtualQuery
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
GetOEMCP
InterlockedDecrement
CompareStringA
GetSystemTime
LeaveCriticalSection
VirtualAlloc
GetCurrentProcess
GetCommandLineA
VirtualFree
SetThreadPriority
GetCurrentThread
FreeEnvironmentStringsW
GetLastError
SetLastError
IsBadWritePtr
GetVersion
ReadFile
GetModuleFileNameA
TlsAlloc
HeapAlloc
SetEnvironmentVariableA
SetFilePointer
ExitProcess
HeapCreate
RtlUnwind
SetEvent
GetProcAddress
GetTickCount
WriteProfileSectionA
WriteFile
LCMapStringW
GetCurrentThreadId
DosDateTimeToFileTime
MapViewOfFileEx
GetTimeZoneInformation

comctl32

InitCommonControlsEx

user32

CheckDlgButton
GetCursor
WinHelpA
GetDialogBaseUnits
GetOpenClipboardWindow
RegisterClassExA
RegisterClassA
EnumDesktopWindows
GetClassNameW
GetAncestor
GetMonitorInfoA
ShowScrollBar

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

487c6115c7d05639b1721b90664f781b

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 146KB - Virtual size: 145KB

.rdata Size: 4KB - Virtual size: 26KB

.data Size: 312KB - Virtual size: 311KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 146KB - Virtual size: 145KB

.rdata
Size: 4KB - Virtual size: 26KB

.data
Size: 312KB - Virtual size: 311KB

.rsrc
Size: 4KB - Virtual size: 3KB