4e36c0c750d37b4c0adf1f1ba630b668

Sharing

Copy URL Twitter E-mail

General

Target

4e36c0c750d37b4c0adf1f1ba630b668
Size

128KB
MD5

4e36c0c750d37b4c0adf1f1ba630b668
SHA1

f9a359c2c3ad763306a8405c00bbbe836b8c7be5
SHA256

80e89ae07f1c9d07e7369a4d91fdd8f4f1869e6d486663b008fbb0d7bf1e18e7
SHA512

2ec53be1a5acad8f26073ff30a7af208b53ad0ecfce4ac14ed670cff41868e761bb6802df14a12b9bf2bf8cee20586b938ead6d891ac6916e41c2bfe4b667b2a
SSDEEP

3072:NVIteV4Eh6nykhuVlAS11Lw3xcEwphVfM:m0gJAnbUBchfM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/infodebito.Pdf_________________________________________________________________.exe

Files

4e36c0c750d37b4c0adf1f1ba630b668
.zip
infodebito.Pdf_________________________________________________________________.exe
.exe windows:2 windows x86 arch:x86

83355cf17289a779a545db104fbecbdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegOpenKeyW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW

kernel32

GetNumaProcessorNode
RemoveVectoredExceptionHandler
CreateMemoryResourceNotification
RtlUnwind
SetHandleCount
GetStringTypeA
GetComputerNameW
LoadResource
GlobalCompact
GetSystemTime
lstrcmp
GlobalUnlock
OutputDebugStringA
GlobalHandle
GetLocalTime
ExitProcess
GetComputerNameA
GetEnvironmentStringsW
GetPrivateProfileStringW
GetPrivateProfileStructW
FreeLibrary
WaitForSingleObject
SwitchToFiber
SetThreadLocale
CreateSemaphoreA
HeapCreate
GlobalHandle
GetCurrencyFormatW
lstrcmpW
GlobalFree
SetFirmwareEnvironmentVariableW
VirtualQuery
LocalAlloc
DebugBreak
lstrcpyW
lstrcpynW
EndUpdateResourceW
UnhandledExceptionFilter
FindResourceExW
LCMapStringW
WideCharToMultiByte
FreeEnvironmentStringsA
GetExpandedNameW
DeviceIoControl
VirtualFree
EnumUILanguagesA
RequestWakeupLatency
SetFilePointerEx
GetConsoleAliasesA
GetCPInfo
GetLocaleInfoA
GetPrivateProfileSectionW
GetFileType
FileTimeToDosDateTime
SizeofResource
PeekNamedPipe
CloseHandle
GetNumaAvailableMemoryNode
GetOEMCP
GetTimeFormatW
lstrcpyW
GetStartupInfoA
VerifyConsoleIoHandle
SetComputerNameA
HeapReAlloc
LocalUnlock
HeapFree
LCMapStringA
GetStringTypeW
GlobalReAlloc
GetACP
FreeEnvironmentStringsW
HeapAlloc
HeapDestroy
ContinueDebugEvent
GetLastError
ExitProcess
GetStdHandle
GetVersionExA
DefineDosDeviceW
LocalFree
EnumTimeFormatsW
CreateFileW
GetSystemWindowsDirectoryA
VirtualAllocEx
MultiByteToWideChar
LockResource
RaiseException
FindActCtxSectionGuid
GetCommandLineA
LZInit
NlsGetCacheUpdateCount
AreFileApisANSI
GlobalLock
BackupRead
GetCPInfo
HeapReAlloc
GetExpandedNameA
GetSystemInfo
FindResourceW
GlobalAlloc
GetDiskFreeSpaceExW
MapUserPhysicalPagesScatter
RegisterWaitForInputIdle

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteObject
DeleteDC
CreateSolidBrush
SelectObject

user32

SetWindowLongW
IsWindowEnabled
EnableMenuItem
IsWindow
SetWindowPos
MapWindowPoints
MonitorFromPoint
LoadImageW
EnableWindow
ShowWindow
IsDlgButtonChecked
GetClientRect
SendMessageW
WinHelpW
SetWindowsHookW
UnhookWindowsHook
InvalidateRect
GetWindowRect
FindWindowW
UnregisterDeviceNotification
GetMonitorInfoW
LoadAcceleratorsW
GetUpdateRect
GetFocus
SetPropW
SetScrollInfo
GetWindowLongW
PostQuitMessage
DestroyWindow
MessageBoxW
DialogBoxParamW
GetWindow
EndPaint
CheckMenuItem
DispatchMessageW
TranslateAcceleratorW
EndDialog
GetDesktopWindow
FillRect
GetMessageW
CheckRadioButton
GetSystemMetrics
LoadCursorW
BeginPaint
SetForegroundWindow
IsDialogMessageW
LoadStringW
GetCursorPos
DefDlgProcW
SetWindowTextW
DefWindowProcW
IsIconic
wsprintfW
GetDlgCtrlID
MoveWindow
SubtractRect
GetWindowTextW
ScrollWindowEx
RemovePropW
DrawEdge
GetPropW
RegisterClassW
GetForegroundWindow
CreateWindowExW
TranslateMessage
CreateDialogIndirectParamW
SetFocus
MonitorFromRect
KillTimer
DestroyIcon
SetScrollPos
LoadIconW
PostMessageW
OffsetRect
RegisterDeviceNotificationW
GetSysColor

shell32

ShellAboutW

winmm

PlaySoundW
waveOutGetDevCapsW
waveInGetNumDevs
mixerClose
mixerGetID
mixerGetLineControlsW
mixerGetDevCapsW
auxGetDevCapsW
midiOutGetNumDevs
mixerGetControlDetailsW
mixerGetNumDevs
auxGetNumDevs
mixerMessage
waveOutMessage
waveInMessage
midiOutGetDevCapsW
timeKillEvent
mixerOpen
waveOutGetNumDevs
timeSetEvent
mixerGetLineInfoW
mixerSetControlDetails

comctl32

ord17

setupapi

SetupDiOpenDevRegKey
SetupDiGetDeviceInterfaceDetailW
SetupDiOpenDeviceInterfaceW
SetupDiCreateDeviceInfoList
SetupDiDestroyDeviceInfoList

secur32

ExportSecurityContext
GetSecurityUserInfo
InitSecurityInterfaceA
QueryCredentialsAttributesW
RevertSecurityContext
QuerySecurityPackageInfoA
LsaGetLogonSessionData
QueryContextAttributesW

msvcrt

_mbsnbicoll
_mbslwr
_heapwalk
_lseeki64
__crtCompareStringA
_errno
labs
_execvpe
_itoa
_flsbuf
_getmbcp
_ismbbkalnum
__toascii
wcsrchr
_wcmdln
_getmaxstdio
_control87
__initenv
iswlower
_spawnlpe
_chmod
printf
_wstrdate
_execv
_ismbblead
_mbstrlen
_write
_locking
_initterm
_aexit_rtn
_mbscoll
_Gettnames
_splitpath
_ctime64
_open
_Getdays
longjmp
strspn
iswxdigit
getwc
isdigit
__unDName
system
ungetc
_aligned_malloc
__wargv
_mbsnbicmp
floor
_mbsninc
_fstat
_wunlink
_mbctohira
_heapset
setvbuf
_mbccpy
_stricoll
_wsplitpath
_mbsspnp
_strnset
atol
_localtime64
_wfindfirsti64
_heapmin
_wexecv

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WTTHE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.aAMwSX
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hPJEiv
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SWPl
Size: 1KB - Virtual size: 17KB

IMAGE_SCN_MEM_READ

.tNR
Size: 3KB - Virtual size: 27KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83355cf17289a779a545db104fbecbdc

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

shell32

winmm

comctl32

setupapi

secur32

msvcrt

Sections

.text Size: 21KB - Virtual size: 20KB

.WTTHE Size: 2KB - Virtual size: 4KB

.aAMwSX Size: 3KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 7KB

.hPJEiv Size: 1KB - Virtual size: 5KB

.data Size: 6KB - Virtual size: 21KB

.SWPl Size: 1KB - Virtual size: 17KB

.tNR Size: 3KB - Virtual size: 27KB

.rsrc Size: 103KB - Virtual size: 103KB

.text
Size: 21KB - Virtual size: 20KB

.WTTHE
Size: 2KB - Virtual size: 4KB

.aAMwSX
Size: 3KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 7KB

.hPJEiv
Size: 1KB - Virtual size: 5KB

.data
Size: 6KB - Virtual size: 21KB

.SWPl
Size: 1KB - Virtual size: 17KB

.tNR
Size: 3KB - Virtual size: 27KB

.rsrc
Size: 103KB - Virtual size: 103KB