4cfe38f795870cbc8c520cbcd124d3a0

Sharing

Copy URL

Twitter E-mail

General

Target

4cfe38f795870cbc8c520cbcd124d3a0
Size

320KB
MD5

4cfe38f795870cbc8c520cbcd124d3a0
SHA1

3be4a38a97593ca65dd97f6262654bdbd7812897
SHA256

3f0b8ab58a284849f64fbfa3464a4022a7996a47a165a8e82f5903b9ea1c4105
SHA512

ad3ba3d8bf6f455ea02fb8012b92323e1014c522daa441ec768e6cb084443d68395e12e8b8c3d48cc067956a7e2d0ab1e6deacb1620a01d6460755a1a900a69b
SSDEEP

6144:iD+Gewy5ih3kcaU5BQ7cY6dvBwyo7OMKh7enPjQwn:iD+Gewy5idVH5BQ7cdd5gOXRerxn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cfe38f795870cbc8c520cbcd124d3a0

Files

4cfe38f795870cbc8c520cbcd124d3a0
.exe windows:4 windows x86 arch:x86

28544d0326ab27b334a48feb9ebd7f07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateIcon
DrawTextExW
CreateDialogIndirectParamA
DrawIconEx
GetWindowPlacement
SendMessageA
MessageBoxA
NotifyWinEvent
LoadStringW
RemovePropA
CharPrevExA
WINNLSEnableIME
GetKeyboardState
DrawTextW
GetWindowTextW
RegisterClassExA
UnregisterDeviceNotification
LoadAcceleratorsA
SetWindowWord
CallMsgFilter
SetPropA
DestroyWindow
GetUserObjectSecurity
CreateWindowExW
ShowWindow
CreateAcceleratorTableW
GetClipboardData
TabbedTextOutA
CreateMenu
DdeUninitialize
wsprintfW
RegisterClassA
SetWindowPos
SetLastErrorEx
UnpackDDElParam
OpenIcon
DrawStateA
EnumThreadWindows
DdeNameService
DefWindowProcW
CallMsgFilterW
CharLowerBuffW
PostThreadMessageA
MapVirtualKeyExW
SetForegroundWindow
BeginPaint
GetClassLongW
CharNextExA
DdeDisconnect
GetMenuItemRect
GetDC
GetWindow
CreateWindowExA
GetThreadDesktop
TranslateAcceleratorW
GetClipboardOwner
DefDlgProcW
EnumDisplayMonitors
UnloadKeyboardLayout
ReuseDDElParam
DdeQueryStringA
AppendMenuW
ChildWindowFromPointEx
DefWindowProcA
EnumWindowStationsW
ShowWindowAsync
SetCursor
DdeAbandonTransaction
OemToCharBuffA
SetDoubleClickTime

advapi32

CryptVerifySignatureA
CryptGetDefaultProviderA
CryptGenKey
LookupAccountSidA
RegSaveKeyW
InitializeSecurityDescriptor
RegDeleteKeyA
LookupSecurityDescriptorPartsW
LookupAccountSidW
RegQueryInfoKeyA
RegDeleteValueA
RegReplaceKeyA
RegOpenKeyExA
CryptEnumProvidersW
StartServiceA
CryptGetHashParam
CryptSetProvParam
RegOpenKeyExW
LookupPrivilegeNameW

kernel32

GetLocaleInfoW
VirtualQuery
UnhandledExceptionFilter
GetCurrentProcess
CompareStringA
GetCurrentThread
GetOEMCP
TlsSetValue
HeapFree
GetModuleFileNameA
HeapCreate
GetCurrentThreadId
FreeEnvironmentStringsW
GetVersionExA
LoadLibraryA
GetSystemInfo
ReadFile
GetStartupInfoA
LCMapStringW
HeapDestroy
GetACP
LeaveCriticalSection
TerminateProcess
VirtualFree
GetFileType
TlsFree
VirtualAlloc
FlushFileBuffers
GetStdHandle
TlsAlloc
GetUserDefaultLCID
LCMapStringA
HeapSize
GetSystemTimeAsFileTime
IsValidCodePage
GetStartupInfoW
GetEnvironmentStringsW
EnterCriticalSection
CloseHandle
GetLocaleInfoA
CompareStringW
SetHandleCount
IsBadWritePtr
CreateDirectoryW
GetCurrentProcessId
WideCharToMultiByte
MultiByteToWideChar
OpenMutexA
GetDateFormatA
GetStringTypeW
IsValidLocale
HeapReAlloc
TlsGetValue
QueryPerformanceCounter
GetTickCount
InitializeCriticalSection
GetStringTypeA
ExitProcess
GetTimeFormatA
DeleteCriticalSection
CreateMutexA
GetEnvironmentStrings
GetLastError
GetModuleFileNameW
GetCommandLineA
FreeEnvironmentStringsA
EnumSystemLocalesA
GetModuleHandleA
SetEnvironmentVariableA
GetCommandLineW
SetStdHandle
WriteFile
SetFilePointer
VirtualProtect
HeapAlloc
GetCPInfo
GetTimeZoneInformation
RtlUnwind
GetProcAddress
InterlockedExchange
SetLastError

comctl32

DrawInsert
DrawStatusTextW
ImageList_Read
ImageList_SetBkColor
InitCommonControlsEx
ImageList_LoadImageA
ImageList_Create
ImageList_GetBkColor
ImageList_AddMasked
ImageList_Duplicate
CreateToolbar
ImageList_SetImageCount
ImageList_LoadImageW
ImageList_Replace
ImageList_GetIconSize
DrawStatusTextA
ImageList_Merge
CreateStatusWindow
ImageList_Draw
ImageList_SetFlags

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28544d0326ab27b334a48feb9ebd7f07

Headers

File Characteristics

Imports

user32

advapi32

kernel32

comctl32

Sections

.text Size: 136KB - Virtual size: 133KB

.rdata Size: 80KB - Virtual size: 76KB

.data Size: 88KB - Virtual size: 111KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 136KB - Virtual size: 133KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 88KB - Virtual size: 111KB

.rsrc
Size: 12KB - Virtual size: 11KB