4be6f158699182f1986d9af753ec8d20

Sharing

Copy URL Twitter E-mail

General

Target

4be6f158699182f1986d9af753ec8d20
Size

185KB
MD5

4be6f158699182f1986d9af753ec8d20
SHA1

6dc716ff83488ce0c95205e52b8c1a7ba8731696
SHA256

e6fdbe93d3629ca979a61cea003501c85ffaee5772c68714b900b9781e78d909
SHA512

0638274cbc0c260eecf2a4970d823e31fa2a3d55c5bb896a011f45f6f2db300459e63cb3831af9e28b4c7fb2394e49a1fb2eaade87acff5536eff22f54ec0a99
SSDEEP

3072:Ccr/H9yzXYhLGnAj6mm6cSMG8up+lVR36WcMOAcPAcoQOMYGJ:PFyzXYnFm6cSN853RqvMOLSMYG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4be6f158699182f1986d9af753ec8d20

Files

4be6f158699182f1986d9af753ec8d20
.exe windows:4 windows x86 arch:x86

29f337ebf6de828b1e5ea0f45cdea5e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
IsDebuggerPresent
UnhandledExceptionFilter
LoadLibraryA
CreateMutexA
GetCurrentThread
CreateSemaphoreA
GetCalendarInfoW
GetACP
EnterCriticalSection
LocalAlloc
ReleaseMutex
QueryPerformanceCounter
GetVersionExA
GetFileSize
MultiByteToWideChar
GetProfileStringW
DeleteFileW
GetCurrentProcess
GetModuleFileNameA
GetThreadLocale
InterlockedExchange
GetSystemInfo
GetProcAddress
TlsSetValue
GetWindowsDirectoryA
CreateFileA
TlsGetValue
GetTimeFormatW
WideCharToMultiByte
GetSystemDefaultLCID
GetCurrentProcessId
GetEnvironmentVariableW
GetSystemTimeAsFileTime
TlsFree
GetCurrentThreadId
EnumResourceNamesA
WaitForSingleObject
TerminateProcess
FindClose
GetLastError
GetThreadPriority
lstrcmpW
GetDateFormatA
SetThreadPriority
GetDateFormatW
FindNextFileA
DeleteCriticalSection
GetTimeFormatA
GlobalFree
ReleaseSemaphore
InitializeCriticalSection
ExitProcess
ReadFile
FreeLibrary
GetCurrentDirectoryA
FindFirstFileA
SetCurrentDirectoryA
LeaveCriticalSection
GetTickCount
GlobalUnlock
GetLocaleInfoA
GetModuleHandleA
GetSystemDirectoryA
IsProcessorFeaturePresent
lstrlenW
GetTempPathW
GlobalLock
GlobalAlloc
GetFileTime
GlobalSize
SetUnhandledExceptionFilter
InterlockedCompareExchange
GetLocalTime
CloseHandle
InterlockedIncrement
Sleep
RaiseException

gdi32

GetViewportOrgEx
GetStockObject
SetWorldTransform
StartPage
ModifyWorldTransform
SelectClipRgn
GetCurrentObject
LineTo
CreateCompatibleDC
GetClipBox
OffsetRgn
EndPath
SetDIBits
GetRgnBox
SetStretchBltMode
CloseFigure
AbortDoc
DeleteObject
EqualRgn
SetROP2
ExtSelectClipRgn
SetBrushOrgEx
CreatePatternBrush
ResetDCW
GetDIBColorTable
SelectPalette
Escape
PolyBezierTo
SaveDC
BeginPath
GetGraphicsMode
CreatePalette
CreatePolyPolygonRgn
CombineRgn
CreateRectRgn
StrokePath
SetGraphicsMode
GetObjectA
CreateBrushIndirect
SetMiterLimit
GetRegionData
IntersectClipRect
EndPage
GetWorldTransform
GetDeviceCaps
StretchBlt
PatBlt
SelectClipPath
MoveToEx
ExtCreatePen
ExtEscape
RealizePalette
CreateBitmap
FillPath
SetPolyFillMode
StretchDIBits
SelectObject
StartDocW
CreateICW
BitBlt
RestoreDC
EndDoc
CreateDIBSection
CreateCompatibleBitmap
CreateDCW
PolylineTo
Rectangle
DeleteDC
PolyDraw

ole32

CoGetClassObject
CoInitialize
CLSIDFromProgID
CoRevokeClassObject
CoGetProcessIdentifier
OleFlushClipboard
CoTaskMemAlloc
OleUninitialize
CoRegisterMessageFilter
OleInitialize
CoUninitialize
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemFree
OleIsCurrentClipboard
CLSIDFromString

msimg32

AlphaBlend

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

shlwapi

PathRemoveFileSpecA
PathAppendA

user32

GetClientRect
GetActiveWindow
LoadCursorA
SetWindowPos
GetWindowRect
MonitorFromWindow
GetSystemMetrics
EnumDisplayMonitors
SetActiveWindow
RegisterClassA
GetMonitorInfoA
GetDesktopWindow
CreateWindowExA
OffsetRect
LoadIconA
ReleaseDC
ScrollWindowEx
MonitorFromPoint
DefWindowProcA
DestroyWindow
GetDC
CharNextW
WindowFromDC
UnregisterClassA

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29f337ebf6de828b1e5ea0f45cdea5e0

Headers

File Characteristics

Imports

kernel32

gdi32

ole32

msimg32

advapi32

shlwapi

user32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 77KB - Virtual size: 76KB

.edata Size: 1024B - Virtual size: 372KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 77KB - Virtual size: 76KB

.edata
Size: 1024B - Virtual size: 372KB