4e4798fa76eb22027e7f2fb184395e4d

General

Target

4e4798fa76eb22027e7f2fb184395e4d
Size

29KB
MD5

4e4798fa76eb22027e7f2fb184395e4d
SHA1

f45a98ee306d2a5be9498f6906448cfd5e8a6b61
SHA256

37beae8a87a0141a77f6b6f5c742af0bb30c4d80fd98ffce20e3537e8e5e1134
SHA512

c382114a819aa03256f0827903dee059136a3c7227f15dea2a8125874a751fb52b4316cc8e2793259ed84db71dfdf82dd4cf14e0a08edfe0bd1ac7d57eca6868
SSDEEP

768:8h/m6jJtWm7+MIKM6tu2tkvP9Jc/SHyf:km6N0vxXzHcyy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e4798fa76eb22027e7f2fb184395e4d

Files

4e4798fa76eb22027e7f2fb184395e4d
.exe windows:4 windows x86 arch:x86

6857080329cff1ed769a4543f3aaac73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegDeleteKeyA
RegEnumKeyExA
RegFlushKey
RegOpenKeyA
RegGetKeySecurity
RegReplaceKeyW
RegOpenKeyExA
RegOpenKeyW
RegQueryValueA
RegOpenKeyExW
RegEnumKeyA
RegCreateKeyW
RegQueryInfoKeyW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegLoadKeyA
RegQueryValueW

gdi32

CancelDC
GetDCOrgEx
CloseFigure
CopyMetaFileA
AbortPath
DeleteDC
GetPixel
RestoreDC
AddFontResourceW
ClearBrushAttributes
ClearBitmapAttributes
AddFontMemResourceEx
CloseMetaFile
GetBitmapBits
AddFontResourceExW
BitBlt
ExtTextOutA

comctl32

ImageList_GetIcon
ImageList_DragEnter
ImageList_Copy
ImageList_DragLeave
ImageList_DragMove
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_AddIcon
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_Create
ImageList_GetImageInfo
InitCommonControls
ImageList_BeginDrag
ImageList_Draw
ImageList_EndDrag
ImageList_LoadImageA
ImageList_Replace
ImageList_GetImageCount

kernel32

GetStdHandle
FindAtomA
CreateDirectoryA
FindFirstFileA
ExitThread
CopyFileExA
CreateThread
DeleteFileW
WriteFile
SetLastError
GetConsoleMode
GetFileTime
ReadConsoleA
ReadFile
CopyFileA
DeleteAtom
GetCPInfo
Sleep

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 385B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6857080329cff1ed769a4543f3aaac73

Headers

File Characteristics

Imports

advapi32

gdi32

comctl32

kernel32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 21KB - Virtual size: 46KB

.reloc Size: - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 385B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 21KB - Virtual size: 46KB

.reloc
Size: - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 385B