4dd1c3f4ec5cf4a8c0f56cf54a6b08a3

General

Target

4dd1c3f4ec5cf4a8c0f56cf54a6b08a3
Size

437KB
MD5

4dd1c3f4ec5cf4a8c0f56cf54a6b08a3
SHA1

12687af8bfdd4a4df2fb99878c4f7a401a8c1548
SHA256

5b0d0bc0438193546a4bb14d1a2331baceaa3c040a4571d14320bfcdc971dba4
SHA512

e9efaf03404c9fb40c72fa5fe985376dd357f4c192c4e96bd661d517cd40c65dd51ca24ec96372ce1459107001491426d14f7e6081ec3bdf0c8f8dd1b08f7937
SSDEEP

12288:VR5wyGROuR9yMKJUnPO448oH8sRk9OlrAST+w:VR5rGRD9yMeUnEPbRk9O7+w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dd1c3f4ec5cf4a8c0f56cf54a6b08a3

Files

4dd1c3f4ec5cf4a8c0f56cf54a6b08a3
.exe windows:4 windows x86 arch:x86

5092227dc55875b63c72b620da024e88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
WriteFile
IsBadWritePtr
GetCommandLineA
GetProcAddress
GetLastError
HeapReAlloc
WideCharToMultiByte
GetCurrentThread
SetHandleCount
GetCurrentProcessId
HeapAlloc
EnterCriticalSection
GetVersion
SetLastError
GetModuleHandleA
ReadConsoleOutputAttribute
WritePrivateProfileStringA
GetEnvironmentVariableA
InterlockedExchange
InitializeCriticalSection
UnhandledExceptionFilter
GetEnvironmentStringsW
TlsSetValue
GetCPInfo
DeleteCriticalSection
LeaveCriticalSection
EnumSystemLocalesA
UnmapViewOfFile
ExitProcess
GetTickCount
GetCurrentDirectoryW
VirtualFree
HeapFree
GetStartupInfoA
GetModuleFileNameA
TlsFree
LoadLibraryA
QueryPerformanceCounter
GetOEMCP
VirtualAlloc
FindResourceExW
GetEnvironmentStrings
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetStdHandle
HeapCreate
LCMapStringA
MultiByteToWideChar
lstrcpy
FreeEnvironmentStringsA
GetFileType
GetSystemTimeAsFileTime
GetStringTypeA
GetACP
GetCurrentDirectoryA
GetStringTypeW
HeapDestroy
FreeEnvironmentStringsW
ReadConsoleOutputW
LCMapStringW
TlsGetValue

advapi32

RegRestoreKeyW
LookupAccountSidA
RegCreateKeyA
CryptSetProviderW
RegQueryInfoKeyA
RevertToSelf
CryptSetProvParam
CryptVerifySignatureA
RegSetValueExW
CryptEncrypt
CryptSignHashA

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5092227dc55875b63c72b620da024e88

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 157KB - Virtual size: 157KB

.data Size: 270KB - Virtual size: 269KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 157KB - Virtual size: 157KB

.data
Size: 270KB - Virtual size: 269KB

.rsrc
Size: 9KB - Virtual size: 8KB