4d576e327c901d357019b52ab274fbdc

Sharing

Copy URL

Twitter E-mail

General

Target

4d576e327c901d357019b52ab274fbdc
Size

42KB
MD5

4d576e327c901d357019b52ab274fbdc
SHA1

258aa64d7074186701d00c5f8aa519dc2a8466aa
SHA256

791bb04f7e7abee241b843a8259a7857d5a528b536add3d69b33c2c864e26f60
SHA512

37fd7c24995eab1c7925ba58421543c6cd1ca1f0432f4d4eeddc7e98c3940fd509acafe3d61a8bdc7da6aca156b998ecd05c292e52b1491a5dc8d1d777fb2a63
SSDEEP

768:WvsnUgQ4S4L6AcyeT3uratMQBeEMoEL39D:WvsUq6AcyeT3MatAFoE79

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d576e327c901d357019b52ab274fbdc

Files

4d576e327c901d357019b52ab274fbdc
.exe windows:4 windows x86 arch:x86

192fa14661f22da24ebac0715f0c27b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
MapViewOfFileEx
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
CreateFileA
SearchPathA
RemoveDirectoryA
FindClose
GetLastError
FindNextFileA
DeleteFileA
WriteFile
MoveFileA
SetFileAttributesA
GetFileSize
FindFirstFileA
GetDriveTypeA
GetLogicalDrives
IsDebuggerPresent
ExitProcess
CreateProcessA
CreateThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
WaitForSingleObject
GetVersionExA
GlobalUnlock
GlobalLock
GlobalAlloc
GetTickCount
CopyFileA
VirtualAlloc
GetSystemDirectoryA
CreateMutexA
TerminateProcess
OpenProcess
FreeLibrary
GetCurrentProcessId
LocalFree
LocalAlloc
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
GetStringTypeW
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
HeapCreate
HeapDestroy
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
UnmapViewOfFile
VirtualFree
VirtualProtect
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcmpA
GetModuleFileNameA
lstrcpynA
lstrlenA
EnterCriticalSection
lstrcmpiA
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapFree
GetProcessHeap
Sleep
lstrcatA
HeapAlloc
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
GetStartupInfoA
GetCommandLineA
GetVersion
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW

user32

CharUpperA
SetWindowTextA
BlockInput
GetWindowTextA
EnumChildWindows
GetClassNameA
PostMessageA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MessageBoxA
ExitWindowsEx
ChangeDisplaySettingsA
EnumWindows
FindWindowA
FindWindowExA
MoveWindow
wsprintfA
SystemParametersInfoA

advapi32

StartServiceA
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegOpenKeyA
RegSetValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
CreateServiceA

shlwapi

PathRemoveFileSpecA
PathStripPathA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

192fa14661f22da24ebac0715f0c27b4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 11KB - Virtual size: 10KB