4c4cdbb1b93fa8f9192d033e75c47a15

Sharing

Copy URL Twitter E-mail

General

Target

4c4cdbb1b93fa8f9192d033e75c47a15
Size

1.1MB
MD5

4c4cdbb1b93fa8f9192d033e75c47a15
SHA1

0514afd0613bd09b3c348483cc214d2ef7c17887
SHA256

68bb059983655c657e51f7c45b5f534c36b5382e2ae52eb8aeca5a8bdfbbffbe
SHA512

e646e166ad88136195bf2f51ed9dd5afa4d2ddeac5a8ee5ae34b4273e500dfb09740207a27c5c771de86b5fbafd0da9d17ce2d2bb47deb1a3960f78b9939069a
SSDEEP

6144:bK6cyPiWCgknQ/HuyIzuTVzsMM56519p+6yTOK1hXzYmYCrQx6Zfc:bM+ZdkmHubeaCo66JJZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c4cdbb1b93fa8f9192d033e75c47a15

Files

4c4cdbb1b93fa8f9192d033e75c47a15
.exe windows:4 windows x86 arch:x86

190c23d52f3d8e4f3b5b684edfff6cff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
WritePrivateProfileStringW
WaitForMultipleObjects
TerminateProcess
Sleep
ReadProcessMemory
OpenProcess
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
GetWindowsDirectoryW
GetVersionExW
GetTempPathW
WriteProcessMemory
VirtualProtect
OutputDebugStringW
OpenMutexW
MulDiv
IsBadReadPtr
HeapDestroy
HeapCreate
GlobalUnlock
GlobalSize
GlobalHandle
GlobalLock
GlobalFree
GlobalAlloc
GetTickCount
GetSystemInfo
GetProcAddress
GetPrivateProfileStringW
GetLastError
GetCurrentThreadId
GetCurrentProcess
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FlushInstructionCache
EnterCriticalSection
DeleteCriticalSection
CreateMutexW
CloseHandle
VirtualAlloc

user32

DialogBoxParamW
GetDesktopWindow
IsDlgButtonChecked
GetDlgItem
EnableWindow
EndDialog
SetFocus
MessageBoxW
LoadStringW
LoadIconA

gdi32

TextOutA
StartPage
StartDocA
SetTextColor
SetMapMode
SetBkMode
SetBkColor
SelectObject
SelectClipRgn
MoveToEx
LineTo
GetTextMetricsW
GetTextFaceA
GetTextExtentPoint32A
GetStockObject
GetRgnBox
GetObjectW
GetDeviceCaps
GdiFlush
EndPage
EndDoc
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreatePen
CreateFontA
CreateFontW
CreateDIBSection
CreateDCW
CreateCompatibleDC
CombineRgn
BitBlt
GetEnhMetaFileA
GetEnhMetaFileW

advapi32

RegOpenKeyW

Sections

.text
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 607KB - Virtual size: 607KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

t1tta24
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta23
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta22
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta21
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta20
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta19
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta9
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta8
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta7
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta6
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta5
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta4
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta3
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta2
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

190c23d52f3d8e4f3b5b684edfff6cff

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 366KB - Virtual size: 365KB

.rdata Size: 607KB - Virtual size: 607KB

t1tta24 Size: 512B - Virtual size: 501B

t1tta23 Size: 512B - Virtual size: 501B

t1tta22 Size: 512B - Virtual size: 501B

t1tta21 Size: 512B - Virtual size: 501B

t1tta20 Size: 512B - Virtual size: 501B

t1tta19 Size: 512B - Virtual size: 501B

t1tta9 Size: 512B - Virtual size: 501B

t1tta8 Size: 512B - Virtual size: 501B

t1tta7 Size: 512B - Virtual size: 501B

t1tta6 Size: 512B - Virtual size: 501B

t1tta5 Size: 512B - Virtual size: 501B

t1tta4 Size: 512B - Virtual size: 501B

t1tta3 Size: 512B - Virtual size: 501B

t1tta2 Size: 512B - Virtual size: 501B

t1tta Size: 99KB - Virtual size: 98KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 366KB - Virtual size: 365KB

.rdata
Size: 607KB - Virtual size: 607KB

t1tta24
Size: 512B - Virtual size: 501B

t1tta23
Size: 512B - Virtual size: 501B

t1tta22
Size: 512B - Virtual size: 501B

t1tta21
Size: 512B - Virtual size: 501B

t1tta20
Size: 512B - Virtual size: 501B

t1tta19
Size: 512B - Virtual size: 501B

t1tta9
Size: 512B - Virtual size: 501B

t1tta8
Size: 512B - Virtual size: 501B

t1tta7
Size: 512B - Virtual size: 501B

t1tta6
Size: 512B - Virtual size: 501B

t1tta5
Size: 512B - Virtual size: 501B

t1tta4
Size: 512B - Virtual size: 501B

t1tta3
Size: 512B - Virtual size: 501B

t1tta2
Size: 512B - Virtual size: 501B

t1tta
Size: 99KB - Virtual size: 98KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 26KB - Virtual size: 26KB