4c0eff341931b42b210aa59be4182ea4

General

Target

4c0eff341931b42b210aa59be4182ea4
Size

43KB
MD5

4c0eff341931b42b210aa59be4182ea4
SHA1

de0ad225095b889a98f7462c3ff0dd3ebfb0e9b5
SHA256

0e369086e461e76cf1e888bbccd480bb54dbe73e679bac783f8b0c6f9750d0b0
SHA512

bd2b2d65c79ce7bcf8ec40ecbb0c69b7e05ec77ef777898c4fb6e01ac3e4f44bb4ab29bdc4b7ea5dad7a9e08737104a6cb6539eb7c533b8594d1dd30fe69fec7
SSDEEP

768:BPr/Uze789enF5n5pZSCaFL+ZPGmzc4Rcb2AUHlk6ySCkMw2S7aWRBp9wux:B6KTnn4CaFihGicnb2JlkqVMPSGqB7Rx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c0eff341931b42b210aa59be4182ea4

Files

4c0eff341931b42b210aa59be4182ea4
.exe windows:4 windows x86 arch:x86

6b7d5207277f8fda53ae97bf580d271c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
CreateFileA
EnumResourceNamesW
EnumResourceTypesW
ExitProcess
FindClose
FindFirstFileExW
GetConsoleTitleA
GetLocaleInfoW
GetModuleFileNameA
GetProfileStringA
Module32Next
QueryDosDeviceA
ReadConsoleA
RtlUnwind
RtlZeroMemory
SetCurrentDirectoryW
SetFileAttributesA
SignalObjectAndWait
TryEnterCriticalSection
UpdateResourceA
lstrcatW

user32

ActivateKeyboardLayout
AttachThreadInput
CallNextHookEx
CreateCursor
DdeConnectList
DlgDirSelectExA
EnableMenuItem
EndDialog
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetQueueStatus
GetWindowRect
GetWindowWord
IMPQueryIMEA
MenuItemFromPoint
MonitorFromWindow
OpenDesktopA
OpenWindowStationA
PostThreadMessageW
RemovePropW
SetProcessDefaultLayout
SetScrollInfo
SwitchToThisWindow
TrackPopupMenuEx

gdi32

Arc
BeginPath
CombineRgn
CreateEnhMetaFileW
CreatePolygonRgn
EndPage
EnumFontFamiliesExA
EnumMetaFile
EqualRgn
FlattenPath
GetArcDirection
GetClipRgn
GetEnhMetaFileA
GetEnhMetaFilePaletteEntries
GetMetaFileBitsEx
GetOutlineTextMetricsA
GetPaletteEntries
GetRasterizerCaps
GetTextCharacterExtra
GetWindowExtEx
IntersectClipRect
PatBlt
PathToRegion
PlayMetaFileRecord
ResetDCW
ResizePalette
SelectClipPath
UpdateICMRegKeyA

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b7d5207277f8fda53ae97bf580d271c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 41KB - Virtual size: 52KB

.rdata Size: - Virtual size: 16KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 41KB - Virtual size: 52KB

.rdata
Size: - Virtual size: 16KB

.rsrc
Size: - Virtual size: 8KB