4bea67642d1124bde1317e3334fdac03

Sharing

Copy URL Twitter E-mail

General

Target

4bea67642d1124bde1317e3334fdac03
Size

268KB
MD5

4bea67642d1124bde1317e3334fdac03
SHA1

fa343d0265e9c8be98a22c90f26d6b01160bd08d
SHA256

92b1219e94a7dfa3c0f225fdcccad8da8f83f5c3f479b92d09a265b49fe7922a
SHA512

82e41184448f650036853dd44deee12d6d8148274ed0670aa0431f58f77f02dcd0f911be12c77d91a8fbc1f097bdbc58c6266f186627b985a6b77b2e2a9e6d9f
SSDEEP

6144:sueiKf8xJ8cPsWKDs7egUNMvYCOGi/TDILhkYMWbA2M:PeTtcPsWK8egtVFiLDILOYD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bea67642d1124bde1317e3334fdac03

Files

4bea67642d1124bde1317e3334fdac03
.exe windows:4 windows x86 arch:x86

d9184e67187394d61a05f6c7e77318c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommBreak
VirtualProtect
LocalSize
AreFileApisANSI
GetSystemDirectoryW
GlobalReAlloc
SearchPathW
GetDateFormatA
GetSystemInfo
MultiByteToWideChar
GetPrivateProfileStringW
GetConsoleMode
GetDiskFreeSpaceExA
RaiseException
GetComputerNameW
GetStartupInfoA
SetTimeZoneInformation
GenerateConsoleCtrlEvent
GetModuleFileNameW
ReadConsoleA
EnumSystemCodePagesW
VirtualLock
GetDriveTypeA
GetLogicalDriveStringsA
GetUserDefaultLangID
SetCommTimeouts
GlobalFree
MoveFileW
GetTempPathW
OutputDebugStringW
CreateEventA
CreateMutexA
VirtualAlloc
FormatMessageA
GetModuleHandleA

user32

CopyAcceleratorTableA
GetTitleBarInfo
GetSysColor
FindWindowA
GetClassLongW
SendMessageW
IsWindowVisible
CreateDialogIndirectParamW
GetCaretBlinkTime
GetMessagePos
SetMenuItemInfoA
FrameRect
CreateWindowStationW
GetMonitorInfoW
GetAncestor
ValidateRgn
GetMenuItemCount
DefFrameProcA
MapVirtualKeyW
GetNextDlgGroupItem
GetMenuCheckMarkDimensions
CreateDialogIndirectParamA
EnumDisplayDevicesA

gdi32

GetCharacterPlacementW
SetMapperFlags

comdlg32

PageSetupDlgA
FindTextA
GetSaveFileNameA

advapi32

RegEnumValueW
GetFileSecurityW
EqualSid
GetUserNameW
LookupPrivilegeDisplayNameA
GetAclInformation
RegSaveKeyA
CryptGetHashParam
CryptVerifySignatureW

shell32

FindExecutableA
SHLoadInProc
SHGetSpecialFolderPathW

ole32

ReadFmtUserTypeStg
CoGetClassObject
StgOpenStorage
CoCreateInstance
CoInitializeEx

oleaut32

VariantChangeType
SysFreeString
SetErrorInfo

shlwapi

PathRemoveFileSpecW
UrlGetPartW
PathIsUNCServerW
UrlCreateFromPathW
PathCommonPrefixW
SHRegQueryUSValueW
StrChrW
wnsprintfA
StrTrimA
PathGetCharTypeW
SHRegCloseUSKey
UrlApplySchemeW
PathGetArgsW

msvcrt

_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__setusermatherr
_controlfp

Sections

.text
Size: 236KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d9184e67187394d61a05f6c7e77318c3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcrt

Sections

.text Size: 236KB - Virtual size: 232KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 21KB

.text
Size: 236KB - Virtual size: 232KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 21KB