4d1710aac15db5a27673524f8294f121

General

Target

4d1710aac15db5a27673524f8294f121
Size

415KB
MD5

4d1710aac15db5a27673524f8294f121
SHA1

c1f352c9d65d72f80b5904fad7d597e4735393c6
SHA256

4657a40c3627e42b69b7790a737a59ed85b4e9b08b12e95ac1ce0c0d78ab2642
SHA512

7c655a8c5facdc5f84e1b9f504848fd87f623f8e5cf24c7be33a00a17f51628f65bf4d605b03482e19a9864e780beb7932e7397938e44a5bf3f2a2da2028a1ac
SSDEEP

6144:BCcR6h5UPDBwipbN13oXcwaBR8wTdGgsaawc683SLCAMHUolt3xea0Wwrd75wvHH:BTR6nUewbHpGYZ2fZlFxN3sd75wvJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d1710aac15db5a27673524f8294f121

Files

4d1710aac15db5a27673524f8294f121
.exe windows:4 windows x86 arch:x86

32a4f0def64e8f14c398e40cffb0e647

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetCurrentThread
GetCPInfo
FreeEnvironmentStringsW
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetCurrentProcess
SetLastError
VirtualAlloc
GetEnvironmentStringsW
IsBadWritePtr
HeapReAlloc
LCMapStringW
GetCommandLineA
LCMapStringA
GetStartupInfoA
InterlockedExchange
GetModuleFileNameA
GetStringTypeA
TlsSetValue
ExitProcess
HeapCreate
TlsGetValue
WriteFile
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
TlsAlloc
GetOEMCP
GetProcessShutdownParameters
QueryPerformanceCounter
WriteConsoleA
SetHandleCount
GetSystemDirectoryA
VirtualQuery
GetCurrentThreadId
GetLastError
HeapAlloc
MultiByteToWideChar
HeapFree
GetModuleHandleW
TerminateProcess
GetCurrentProcessId
EnterCriticalSection
VirtualFree
TlsFree
HeapDestroy
ExpandEnvironmentStringsW
GetFileType
InitializeCriticalSection
WideCharToMultiByte
GetStdHandle
GetProcAddress
LeaveCriticalSection
GetCurrentDirectoryA
GetACP
GetModuleHandleA
GetPrivateProfileSectionNamesW
GetVersion
DeleteCriticalSection
GetEnvironmentStrings

advapi32

InitiateSystemShutdownA
CryptEncrypt
CryptSignHashW
RegQueryValueExW
RegEnumKeyW
RegQueryInfoKeyA
RegOpenKeyW
GetUserNameA
LogonUserW
RegEnumKeyA

comdlg32

GetSaveFileNameA
GetOpenFileNameW
GetSaveFileNameW
LoadAlterBitmap
ChooseFontW
GetOpenFileNameA
FindTextA
ChooseColorW
GetFileTitleW
PrintDlgA
PageSetupDlgW
PrintDlgW
ChooseFontA
ReplaceTextW
ChooseColorA
PageSetupDlgA

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32a4f0def64e8f14c398e40cffb0e647

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

Sections

.text Size: 135KB - Virtual size: 135KB

.data Size: 268KB - Virtual size: 268KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 135KB - Virtual size: 135KB

.data
Size: 268KB - Virtual size: 268KB

.rsrc
Size: 10KB - Virtual size: 9KB