4ddf2f987c950eabd8a18bc417e6ad13

Sharing

Copy URL Twitter E-mail

General

Target

4ddf2f987c950eabd8a18bc417e6ad13
Size

67KB
MD5

4ddf2f987c950eabd8a18bc417e6ad13
SHA1

8b0e2de96d3e863bdbddda68036aefbdcbe5689d
SHA256

99e3c9b71f55243514ac91333ac6c68f3f182e2ea738585148f36e38b18ed8a6
SHA512

27b28400263290bbb99ca6fc7a345f1bab3e15c4357ffda44d83620364cd5c934c37ebd8a89dacba3157fabaad2a766098165021dcbb582ce0c61678ec9a3566
SSDEEP

1536:1+LIvVRk5Pvb8uASVqYU/3L9F0HvKNZbbZVgR:1+LaqZzdHVqPhFcgbbZCR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ddf2f987c950eabd8a18bc417e6ad13

Files

4ddf2f987c950eabd8a18bc417e6ad13
.exe windows:4 windows x86 arch:x86

707b8da6d3a49e678f5e6eb239786e0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceA
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
CreateThread
TerminateThread
SetEvent
lstrlenW
CreateEventA
InterlockedDecrement
WideCharToMultiByte
HeapCreate
HeapDestroy
FlushInstructionCache
FreeResource
GetTempFileNameA
GetTempPathA
GetVersionExA
MultiByteToWideChar
GetFileAttributesA
GetSystemTime
GetSystemDirectoryA
FindClose
FindNextFileA
lstrcmpA
FindFirstFileA
GetStringTypeExA
GetThreadLocale
FreeLibrary
GetProcAddress
InterlockedIncrement
GetUserDefaultLCID
SetThreadLocale
WaitForSingleObject
CreateFileA
WriteFile
CloseHandle
EnterCriticalSection
LeaveCriticalSection
lstrlenA
Sleep
DeleteFileA
MoveFileExA
LoadLibraryA
HeapFree
HeapAlloc
DebugBreak
GetCommandLineA
ExitProcess
GetStartupInfoA
GetCurrentProcess
GetModuleHandleA

user32

CallWindowProcA
SetCursor
GetWindowTextA
GetWindowTextLengthA
UpdateWindow
InvalidateRect
RedrawWindow
ScreenToClient
ClientToScreen
LoadStringW
CharLowerA
wvsprintfA
GetWindow
GetWindowRect
SystemParametersInfoA
GetSysColor
MapWindowPoints
SetWindowPos
DestroyWindow
SetWindowLongA
LoadStringA
IsDlgButtonChecked
CheckDlgButton
SetWindowTextA
SetDlgItemTextA
GetSystemMetrics
LoadImageA
GetDlgItem
EndDialog
MessageBoxA
DefWindowProcA
PostMessageA
GetMessageA
GetWindowLongA
GetClientRect
GetParent
GetActiveWindow
DialogBoxParamA
CharNextA
SendMessageA

gdi32

SetTextColor
GetStockObject
CreateFontIndirectA
CreateSolidBrush
DeleteObject
GetObjectA

advapi32

RegQueryValueExA
LsaAddAccountRights
LsaOpenPolicy
CloseServiceHandle
ChangeServiceConfigA
OpenServiceA
OpenSCManagerA
CreateWellKnownSid
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
LsaClose

shell32

ShellExecuteExA
ShellExecuteA

ole32

CoInitialize
CoUninitialize

comctl32

InitCommonControlsEx

wininet

HttpSendRequestA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoA
HttpOpenRequestA
InternetConnectA
InternetOpenA

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

707b8da6d3a49e678f5e6eb239786e0e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

wininet

Sections

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 41KB - Virtual size: 41KB

.rsrc Size: 21KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 21KB - Virtual size: 21KB