4d7d6806b6443138b9f599e92acb5e8a

Sharing

Copy URL

Twitter E-mail

General

Target

4d7d6806b6443138b9f599e92acb5e8a
Size

351KB
MD5

4d7d6806b6443138b9f599e92acb5e8a
SHA1

460281ea31330ec2ac5cbd4b5f3e0d55615bab6a
SHA256

27cb2a887b0a24f6ad1f1504f655a1a8fcdf45a45213f8c5642ca8621945f498
SHA512

754474a2ed470db6aa53a1096e88605021b3f27b645767037367127fd445c0f790320f4b70dd599e7f0069a38b2b1787e7ae16ca6c5596b4246b8d1421bd4a89
SSDEEP

6144:ALUphsbT4uL2yuBSqUURwyALuSzhSvj//LYhRHwHE:gUphsZbuwqUUSyAp9Gj7eRH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d7d6806b6443138b9f599e92acb5e8a

Files

4d7d6806b6443138b9f599e92acb5e8a
.exe windows:4 windows x86 arch:x86

929adc69fe3563cb046e90e052507da0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileExW
CreateFileA
GetCurrentProcessId
CreateMutexA
GetEnvironmentStrings
HeapDestroy
VirtualFree
GetComputerNameA
GetStringTypeA
Sleep
GetTimeZoneInformation
GetTimeFormatA
GetStartupInfoW
GetConsoleMode
LoadLibraryA
TlsFree
GetProcAddress
VirtualQuery
SetConsoleCtrlHandler
GetOEMCP
ExitProcess
SetHandleCount
DeleteCriticalSection
FreeLibrary
GetCurrentThreadId
GetConsoleOutputCP
VirtualAlloc
GetStdHandle
EnumSystemLocalesA
TlsAlloc
InterlockedDecrement
WaitForMultipleObjects
GetConsoleCP
FlushFileBuffers
UnhandledExceptionFilter
GetCommandLineA
InitializeCriticalSection
GetStartupInfoA
RtlUnwind
GetLocaleInfoA
GetCPInfo
MultiByteToWideChar
GetSystemDefaultLCID
HeapCreate
GetCurrentProcess
GetACP
SetEnvironmentVariableA
lstrcpy
IsValidCodePage
TerminateProcess
GetModuleFileNameA
GetTickCount
GetSystemTimeAsFileTime
WriteConsoleW
FreeEnvironmentStringsA
GetModuleFileNameW
OpenMutexA
SetUnhandledExceptionFilter
InterlockedExchange
HeapReAlloc
GetCommandLineW
GetEnvironmentStringsW
IsValidLocale
GetVersionExA
LeaveCriticalSection
ReadFile
HeapAlloc
SetFilePointer
WriteConsoleA
SetLastError
TlsSetValue
InterlockedIncrement
GetCurrentThread
GetProcessHeap
GetDateFormatA
EnterCriticalSection
LCMapStringW
GetStringTypeW
WideCharToMultiByte
WriteFile
CompareStringW
CloseHandle
QueryPerformanceCounter
SetStdHandle
IsDebuggerPresent
GetUserDefaultLCID
HeapSize
FreeEnvironmentStringsW
GetLocaleInfoW
CompareStringA
GetModuleHandleA
GetFileType
LCMapStringA
GetLastError
HeapFree
TlsGetValue

comctl32

CreateStatusWindowA
ImageList_SetIconSize
InitCommonControlsEx
ImageList_Merge
ImageList_AddIcon
ImageList_Remove
ImageList_BeginDrag
CreateStatusWindowW
ImageList_Create

gdi32

BitBlt
PlayEnhMetaFile
Rectangle
GetPixel
DeleteDC
CreateDCA
GetDeviceCaps
CreateRoundRectRgn

user32

CreateWindowExA
RegisterClassA
BeginDeferWindowPos
MessageBoxW
ShowWindow
RegisterClassExA
DdeInitializeW

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

929adc69fe3563cb046e90e052507da0

Headers

File Characteristics

Imports

kernel32

comctl32

gdi32

user32

Sections

.text Size: 216KB - Virtual size: 215KB

.rdata Size: 18KB - Virtual size: 39KB

.data Size: 89KB - Virtual size: 88KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 216KB - Virtual size: 215KB

.rdata
Size: 18KB - Virtual size: 39KB

.data
Size: 89KB - Virtual size: 88KB

.rsrc
Size: 27KB - Virtual size: 26KB