Static task
static1
Behavioral task
behavioral1
Sample
4e450e986d2420e0b25f18a5b8269d0b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
4e450e986d2420e0b25f18a5b8269d0b.exe
Resource
win10v2004-20231215-en
General
Target: 4e450e986d2420e0b25f18a5b8269d0b
Size: 431KB
MD5: 4e450e986d2420e0b25f18a5b8269d0b
SHA1: e61aa6b01f329d7968201a08c4b2621de14d5bc1
SHA256: d21f03dcd6ffedea4e72d5ea0a2b8ff4879ac8a9ccc2c1aeeb05d7f8d72db180
SHA512: 9652ef5c2e93fb841c215995df452b3327ad463ef0abd5b19f48f667e315b0271f471f7c3d6d628881868c78eb4e77cf007595a5351c3912e9cae030845a39a8
SSDEEP: 6144:fKZAMpKJRnX6A+yZkIaJ+QLQ0cfRfJ2N+qiwlv1QXlvpccmaI7VzUx+DUJDqD8K:fKZxKJdXXZknNLQ0s5Jc+qB1qCc09OT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4e450e986d2420e0b25f18a5b8269d0b
Files
4e450e986d2420e0b25f18a5b8269d0b.exe windows:4 windows x86 arch:x86
6b0d8c9d7685ae79c6c656182e88d88f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
ShowWindow
RegisterClassA
DefWindowProcW
CreateWindowExW
DefWindowProcA
MessageBoxW
DestroyWindow
RegisterClassExA
kernel32
SetEnvironmentVariableA
IsBadWritePtr
GetFileType
HeapFree
VirtualQuery
GetStringTypeW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetTimeFormatA
UnhandledExceptionFilter
GetModuleFileNameW
LCMapStringW
GetModuleFileNameA
GetSystemInfo
GetCommandLineA
HeapSize
EnumCalendarInfoA
GlobalUnfix
TlsAlloc
TerminateProcess
VirtualProtect
TlsFree
GetTickCount
TlsSetValue
VirtualAlloc
WriteFile
SetStdHandle
WideCharToMultiByte
GetEnvironmentStringsW
LCMapStringA
GetCurrentProcessId
HeapCreate
SetFilePointer
EnumSystemLocalesA
HeapReAlloc
GetOEMCP
InitializeCriticalSection
GetStartupInfoA
GetACP
RtlFillMemory
GetCurrentThreadId
IsValidLocale
EnterCriticalSection
GetStringTypeA
GetStdHandle
LeaveCriticalSection
TlsGetValue
SetLastError
GetCPInfo
IsValidCodePage
GetTimeZoneInformation
GetDateFormatA
InterlockedExchange
HeapAlloc
VirtualFree
GetLastError
GetProcAddress
LoadLibraryA
CompareStringW
GetSystemDefaultLCID
CompareStringA
GetUserDefaultLCID
GetCurrentThread
SetHandleCount
GetProcessShutdownParameters
RtlUnwind
GetModuleHandleA
CreateMutexA
GetStartupInfoW
GetFileAttributesW
FlushFileBuffers
GetLocaleInfoW
MultiByteToWideChar
HeapDestroy
GetLocaleInfoA
GetCommandLineW
GetSystemTimeAsFileTime
QueryPerformanceCounter
CloseHandle
DeleteCriticalSection
GetEnvironmentStrings
ReadFile
ExitProcess
CommConfigDialogW
GetVersionExA
OpenMutexA
GetCurrentProcess
advapi32
RegSaveKeyW
CryptGenKey
RegQueryValueExW
RegQueryValueW
RegSaveKeyA
DuplicateTokenEx
RegOpenKeyExA
CryptDestroyHash
CryptEnumProvidersA
RegSetValueA
LookupAccountSidA
CryptSetProviderExW
LookupPrivilegeNameW
RegEnumKeyExW
CryptContextAddRef
RegQueryMultipleValuesW
CryptAcquireContextW
CryptSetProvParam
RegNotifyChangeKeyValue
RegQueryValueExA
CryptGetUserKey
RegQueryValueA
CryptImportKey
comctl32
ImageList_GetImageInfo
ImageList_EndDrag
ImageList_AddMasked
ImageList_DragEnter
CreateStatusWindow
CreateStatusWindowA
DrawStatusText
GetEffectiveClientRect
_TrackMouseEvent
InitCommonControlsEx
ImageList_LoadImage
wininet
GetUrlCacheConfigInfoW
InternetCheckConnectionW
InternetGetCertByURLA
CommitUrlCacheEntryW
InternetFortezzaCommand
InternetConfirmZoneCrossing
comdlg32
ChooseFontA
Sections
.text Size: 152KB - Virtual size: 152KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 78KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 95KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ