4cf2ea677fe8149efa190591eb5be450

Sharing

Copy URL Twitter E-mail

General

Target

4cf2ea677fe8149efa190591eb5be450
Size

544KB
MD5

4cf2ea677fe8149efa190591eb5be450
SHA1

0a08f474a3c606d84a0f855896d73f8ccbf241b6
SHA256

c7cabf5edd7027321c079f0267030136bebb1f95b2cf279736845f94817bac64
SHA512

81e6bb5f8560a1c98992476e3385f2b80205adec7c321c4e0622eadd97f68175c7b32706609968c2dccbb31a99ce7888ce5c21f9f6d5ccd1da44bac69e3c413b
SSDEEP

12288:SaU2sz4PSSgEUY3QF7J6E1tJI+2/HvKGGdswhuceh77ve:EzkSSz3O7D4PViVeN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cf2ea677fe8149efa190591eb5be450

Files

4cf2ea677fe8149efa190591eb5be450
.exe windows:4 windows x86 arch:x86

0f35c81ceeb0249c8d9c3aaf4456caed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
CloseHandle
GetOEMCP
GetModuleFileNameW
GetCommandLineA
SetFileAttributesW
GetConsoleMode
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCommandLineW
LoadLibraryA
SetConsoleWindowInfo
TlsAlloc
GetLogicalDriveStringsW
GetStartupInfoW
GetEnvironmentStringsW
SetHandleCount
InterlockedDecrement
WideCharToMultiByte
SetLastError
HeapCreate
InterlockedExchange
DeleteCriticalSection
GetLocaleInfoA
ReadFile
GetProcAddress
CompareStringA
SetStdHandle
GlobalGetAtomNameA
GetPrivateProfileSectionW
LCMapStringA
GetStartupInfoA
VirtualFree
OpenEventW
GetLastError
GetCurrentProcessId
TlsGetValue
InterlockedIncrement
CreateFileA
GetStdHandle
SetConsoleCtrlHandler
RtlUnwind
GetLocaleInfoW
WriteConsoleA
GetCPInfo
ReleaseSemaphore
GetDateFormatA
EnumCalendarInfoExA
GetThreadContext
MultiByteToWideChar
GetVersion
WriteFile
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsW
QueryPerformanceCounter
TlsSetValue
OpenMutexA
VirtualAlloc
HeapDestroy
GetTimeFormatA
Sleep
EnterCriticalSection
CompareStringW
InitializeCriticalSectionAndSpinCount
GetACP
GetCurrentThread
SetFilePointer
GetTickCount
GetModuleHandleW
GetProcessHeap
GetWindowsDirectoryW
IsDebuggerPresent
SetUnhandledExceptionFilter
GetFileType
WriteConsoleW
EnumResourceLanguagesA
TerminateProcess
VirtualQuery
GlobalFix
IsValidLocale
GetDiskFreeSpaceExA
SetEnvironmentVariableA
GetModuleHandleA
HeapSize
GetPrivateProfileStructW
GetUserDefaultLCID
VirtualFreeEx
CreateMutexA
GetProcessShutdownParameters
GetCurrentThreadId
TlsFree
GetStringTypeA
FreeLibrary
IsValidCodePage
HeapFree
OpenEventA
GetConsoleOutputCP
HeapAlloc
GetCurrentProcess
LeaveCriticalSection
ExitProcess
GetConsoleCP
CreateSemaphoreW
EnumSystemLocalesA
HeapReAlloc
GlobalUnlock
UnlockFile
GetStringTypeW
WritePrivateProfileSectionW
GetModuleFileNameA

user32

GetWindowInfo
ScrollDC
CreateWindowStationW
RegisterClassA
RegisterClassExA
LoadBitmapA

comdlg32

ChooseFontA

comctl32

InitCommonControlsEx

Sections

.text
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f35c81ceeb0249c8d9c3aaf4456caed

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

comctl32

Sections

.text Size: 396KB - Virtual size: 396KB

.rdata Size: 27KB - Virtual size: 36KB

.data Size: 109KB - Virtual size: 109KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 396KB - Virtual size: 396KB

.rdata
Size: 27KB - Virtual size: 36KB

.data
Size: 109KB - Virtual size: 109KB

.rsrc
Size: 10KB - Virtual size: 9KB