4e3879c00f2d25065b61de67fe367d54

General

Target

4e3879c00f2d25065b61de67fe367d54
Size

59KB
MD5

4e3879c00f2d25065b61de67fe367d54
SHA1

e5f3fbe559c41e660f5c22ec36bd65b59da4b2f5
SHA256

437530587265d3a780ed9532f6acb57e2b6a84c6108cc335cfb18d56f2209f1b
SHA512

1a22c02eb72cbc0f63839940b53546fe9404a210e05b35879668d70216775ae6ce331c04d5c4163372ca7e8601b8100c42cf67d97490cea922be5d69fd8c92c4
SSDEEP

768:klARZ4R0PFMBUss4CBe76kPnAEWBJpPjD7J8p8+Hp0xKC8e495dOx:IA3PYUJ4CiAbJpbD2p8SuxKpcx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e3879c00f2d25065b61de67fe367d54

Files

4e3879c00f2d25065b61de67fe367d54
.exe windows:4 windows x86 arch:x86

4823aa9e7a1108dc5ae8fa8191508d32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
GetShortPathNameA
GetModuleFileNameA
GetEnvironmentVariableA
DeleteFileA
GetProcAddress
GetModuleHandleA
GetWindowsDirectoryA
GetStartupInfoA

advapi32

RegDeleteKeyA

shlwapi

SHDeleteKeyA

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBDI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

msvcrt

__CxxFrameHandler
free
strcat
strcpy
calloc
fclose
fwrite
fopen
malloc
strcmp
memcpy
strlen
sprintf
strncpy
memset
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4823aa9e7a1108dc5ae8fa8191508d32

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

msvcp60

msvcrt

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 50KB - Virtual size: 49KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 50KB - Virtual size: 49KB