4e4777533dccf118dd44d8453296ca69

Sharing

Copy URL Twitter E-mail

General

Target

4e4777533dccf118dd44d8453296ca69
Size

59KB
MD5

4e4777533dccf118dd44d8453296ca69
SHA1

b90d8a5b150aadb7276f1ee60ac1642a3c2cc961
SHA256

af3bfcb28610901c25b59746d38e75e7fbb9e98ee524a4f90f267a31cafb280c
SHA512

353c8984926be69e1afa2173cd60ae8c6ec6da1f1c7359702b64ecba1ca9ed550286d0cef5f5c91e7ed855548da28c1899ce8ba95b22efede924a23f2b0fa892
SSDEEP

1536:AXMMMbR1Zkey9ARTWgxaXHKU8Ji5yzfLhQL7XiFLCu2GU4mEYx:AXMMM1v3PRZ4XP+SKl6GFL92Fx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e4777533dccf118dd44d8453296ca69

Files

4e4777533dccf118dd44d8453296ca69
.exe windows:4 windows x86 arch:x86

25d4a444137a9229bf42ff5c19193198

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
WriteFile
CopyFileA
ReadConsoleA
DeleteFileW
DeleteFileA
CopyFileW
CopyFileExW
CopyFileExA
GetFileTime
GetFileSize
CreateThread
CreateProcessA
GetLastError
GetCommandLineA
OpenFileMappingA
ReadFile
GetComputerNameA
DeleteAtom
SetLastError
CreateDirectoryA
OpenFile
FindFirstFileA
FindAtomA

advapi32

RegOpenKeyA
RegReplaceKeyA
RegQueryValueW
RegDeleteKeyA
RegEnumKeyExW
RegReplaceKeyW
RegOpenKeyExA
RegEnumValueW
RegCreateKeyW
RegQueryValueA
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyExW
RegLoadKeyW
RegDeleteKeyW
RegEnumKeyA
RegFlushKey
RegGetKeySecurity
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExA
RegEnumKeyW
RegDeleteValueA
RegLoadKeyA

gdi32

CloseMetaFile
ExcludeClipRect
AddFontResourceW
CloseFigure
DeleteObject
SetTextColor
GetBitmapBits
AddFontResourceExW
DeleteDC
CancelDC
CreateSolidBrush
BeginPath
ClearBitmapAttributes
GetBrushOrgEx
ClearBrushAttributes
AddFontMemResourceEx
AddFontResourceA

user32

DialogBoxParamA
InsertMenuA
BlockInput
DrawIconEx
IsMenu
GetWindowTextA
AppendMenuA
CopyImage
CopyIcon
IsWindow
DrawTextW
AlignRects
GetCursor
AppendMenuW
EndDialog
LoadCursorA
CloseWindow
GetFocus

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_GetImageInfo
ImageList_DragMove
ImageList_DragEnter
ImageList_GetIcon
ImageList_Draw
ImageList_EndDrag
ImageList_LoadImageW
ImageList_AddIcon
ImageList_GetIconSize
ImageList_LoadImage
ImageList_DrawEx
ImageList_DragLeave
ImageList_Create
ImageList_Merge
ImageList_Replace

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 287B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 453B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25d4a444137a9229bf42ff5c19193198

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

comctl32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 50KB - Virtual size: 149KB

.rsrc Size: 512B - Virtual size: 287B

.reloc Size: - Virtual size: 453B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 50KB - Virtual size: 149KB

.rsrc
Size: 512B - Virtual size: 287B

.reloc
Size: - Virtual size: 453B