4de62adb47f7d199fad3536215a6919d

Sharing

Copy URL Twitter E-mail

General

Target

4de62adb47f7d199fad3536215a6919d
Size

221KB
MD5

4de62adb47f7d199fad3536215a6919d
SHA1

8641c665b1e413b4127b62b621adbe36ab58e74c
SHA256

2788787cbefb0d0a203f83c19786804054993e9bc94ea568f348fbe681548ac9
SHA512

e9e28f92dc870ffcb21eab1af864346acc8a5b0a4c0f8304bc305d504073115935928199c3971a9a170675e91c389088f8c75ca63a9fee72d823ad185675c64a
SSDEEP

3072:WBCKCYm+1UfTh+DFf5pSyHaUfbza3Obi8LlRoZuCZCLfp/rEoJ3c+lV7fWiWgPMc:WBsQqgpSCa4zXPgOfKwLVhj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4de62adb47f7d199fad3536215a6919d

Files

4de62adb47f7d199fad3536215a6919d
.exe windows:5 windows x86 arch:x86

c6847d8b09ab7fcabb8598cea379a8d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionA

user32

GetMenuCheckMarkDimensions
IsCharLowerW
SetClassLongW
ActivateKeyboardLayout
CharToOemA
RedrawWindow
LoadStringA
LoadCursorW
SetActiveWindow
SetMenuDefaultItem
GetSubMenu
DrawMenuBar
DrawCaption

kernel32

GetCurrentProcessId
GetCommConfig
HeapUnlock
RemoveDirectoryA
MoveFileW
lstrcatA
GetCurrentProcess
LoadLibraryExA
FindResourceA

comdlg32

PrintDlgW
GetSaveFileNameA
ChooseColorW
GetFileTitleW

gdi32

GetDIBColorTable
CreateICW
RectVisible
PathToRegion
PatBlt
GetDeviceCaps

Exports

Exports

?VWLZXAb_yuxnG_MJ@@YGDPAFPAK@Z
?f_tytskfpp_kP__E@@YGXJ@Z
?l_mpBI_@@YGGM@Z
?ddP_QI_EZmd_pktmAIX_S@@YGPAGGK@Z
?LBFYNOV_Xv_b@@YGIPAM@Z
?ugbjioy@@YGXPAIG@Z

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 529B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA1
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA2
Size: 76KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6847d8b09ab7fcabb8598cea379a8d4

Headers

File Characteristics

Imports

shlwapi

user32

kernel32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 1024B - Virtual size: 529B

.data Size: 2KB - Virtual size: 2KB

DATA1 Size: 33KB - Virtual size: 33KB

DATA2 Size: 76KB - Virtual size: 240KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 1024B - Virtual size: 529B

.data
Size: 2KB - Virtual size: 2KB

DATA1
Size: 33KB - Virtual size: 33KB

DATA2
Size: 76KB - Virtual size: 240KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB