4bd81bdb20be2f4a638847fe6e0d5ede

General

Target

4bd81bdb20be2f4a638847fe6e0d5ede
Size

172KB
MD5

4bd81bdb20be2f4a638847fe6e0d5ede
SHA1

b2f1028c6803b037792f6638e544260305b825fc
SHA256

673aa7a640923b7eb70953ad011e5b1882ac521c7621652354eb1e0d2e4b6c27
SHA512

8075e340748e24a2d11cf7e565230fb61606ad201a0a23f4bfb87949dd6c3d7be6e42c83e4859c82f55f36bfce9e6486a1e06c50be7aa6f8e02e08da0bef6ceb
SSDEEP

3072:woPnT/DOjlc9RPjRw2aa4XTolVpnvPDB/9XgCDuyEr/Ox4wNpxY0AgGkCv:wsTCRc3PSamOpnjHvuNS9v3wZv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bd81bdb20be2f4a638847fe6e0d5ede

Files

4bd81bdb20be2f4a638847fe6e0d5ede
.exe windows:4 windows x86 arch:x86

1856f4a3a8b263e5657ca42e0d619938

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

shlwapi

GetAcceptLanguagesA
UrlUnescapeW
UrlCreateFromPathW
PathAppendW
PathFindExtensionW
PathRemoveFileSpecW
PathIsRelativeW
StrCmpIW
PathCreateFromUrlW
PathCombineW

rpcrt4

UuidCreate

kernel32

GetPrivateProfileStringW
GetModuleHandleW
WaitForSingleObject
GetSystemDirectoryW
GetWindowsDirectoryA
GlobalFindAtomW
FindNextFileW
WritePrivateProfileStringW
FreeLibrary
HeapFree
lstrlenA
GetCurrentProcessId
FindClose
GetModuleHandleA
CreateMutexW
LoadLibraryExA
GetCurrentDirectoryW
EnumResourceLanguagesA
LoadLibraryW
HeapAlloc
LocalFree
lstrcmpiW
CopyFileW
ExpandEnvironmentStringsW
FindFirstFileW
GetPrivateProfileIntW
GetProcessHeap
ReleaseMutex
LoadLibraryExW
GetPrivateProfileIntW
GetSystemInfo
SetFileAttributesW
GetCurrentProcess

Sections

.text
Size: 88KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1856f4a3a8b263e5657ca42e0d619938

Headers

File Characteristics

Imports

shell32

shlwapi

rpcrt4

kernel32

Sections

.text Size: 88KB - Virtual size: 480KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 80KB - Virtual size: 80KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 480KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 1024B - Virtual size: 4KB