4e618ad516fcdfdf187078f23069abee

Sharing

Copy URL Twitter E-mail

General

Target

4e618ad516fcdfdf187078f23069abee
Size

540KB
MD5

4e618ad516fcdfdf187078f23069abee
SHA1

035efdd1f838afb914ea075d2b1960f91855aec2
SHA256

e93468b2cfcb6f820680d0d527146fa419f2bfc78f5721f7ccdbd6f031c4376e
SHA512

bab2d4284784fffefd8315e0bac9567b1a0990eb4c1ff78dae26818814e9316907b89ed0fa9144ee7ada89401ef6b01b962d1a616b3b739632511acee897e0a0
SSDEEP

12288:tkn1SWGkpbOBdYKuXhCeTkNnUsmzCx0cBe82IKPzQ:tmSWGkVOrmhCsqUswahe82hPz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e618ad516fcdfdf187078f23069abee

Files

4e618ad516fcdfdf187078f23069abee
.exe windows:4 windows x86 arch:x86

c53f756deb0da5ad03c99e9064980869

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeNameW

user32

GetClassInfoExW
CharUpperBuffA
SendNotifyMessageW
AppendMenuW
CallMsgFilter
MessageBoxA
CreateMDIWindowW
RegisterClassA
RemovePropW
DefWindowProcA
GetCursorPos
DialogBoxIndirectParamA
DestroyWindow
GetClassNameW
RegisterClassExA
DdeUninitialize
GetForegroundWindow
DefDlgProcA
GetKeyboardLayoutList
EnumPropsExA
GetWindowWord
CreateWindowExW
GetPropW
LoadMenuA
GrayStringW
ReplyMessage
CreateMenu
GetKeyboardLayoutNameW
GetPropA
InsertMenuItemW
ShowWindow
CopyAcceleratorTableW
GetScrollInfo
DdeInitializeA
SetScrollRange
GetWindowRect

kernel32

SetConsoleActiveScreenBuffer
FlushFileBuffers
SetHandleCount
LocalCompact
WideCharToMultiByte
GetCurrentThreadId
FreeEnvironmentStringsW
GetPrivateProfileStructA
CompareFileTime
LeaveCriticalSection
GlobalHandle
SetComputerNameA
WaitNamedPipeA
TlsSetValue
EnumTimeFormatsA
IsBadWritePtr
GetDateFormatW
WritePrivateProfileStructW
CreateProcessA
ConnectNamedPipe
TlsGetValue
SetFilePointer
WriteFile
GetSystemTimeAdjustment
LocalFileTimeToFileTime
SetConsoleCursorPosition
OpenFileMappingW
GetComputerNameA
GetThreadPriority
CompareStringA
InterlockedExchange
DebugBreak
VirtualQuery
GlobalFlags
EnumResourceNamesA
CloseHandle
VirtualFree
RtlUnwind
GetACP
DeleteFileW
GetConsoleOutputCP
InterlockedIncrement
GetLastError
InitializeCriticalSection
GetModuleFileNameA
ExitProcess
GetStringTypeA
LocalAlloc
VirtualAlloc
LockFileEx
EnumDateFormatsW
GlobalReAlloc
GetEnvironmentStrings
GetCurrentProcess
GetProcAddress
FreeEnvironmentStringsA
LoadLibraryExW
ReadConsoleOutputCharacterW
GlobalDeleteAtom
CreateMutexA
ReadFile
GetEnvironmentVariableW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
OpenMutexA
lstrcmpA
UnlockFileEx
SetStdHandle
GetTickCount
LoadLibraryA
GetCPInfo
GetLocalTime
AllocConsole
EnumSystemCodePagesA
InterlockedDecrement
GetCommandLineA
OpenProcess
QueryPerformanceCounter
EnumResourceTypesW
GetCurrentThread
GetProcAddress
GetProfileIntW
UnlockFile
lstrcpyn
SetEnvironmentVariableA
DeleteCriticalSection
UnhandledExceptionFilter
LocalShrink
SetCurrentDirectoryA
GetFileType
GetSystemDirectoryA
GetStringTypeW
EnterCriticalSection
SetFileAttributesA
MapViewOfFile
GlobalAddAtomA
MultiByteToWideChar
GetVersion
GlobalUnlock
GetStartupInfoA
HeapFree
SetLastError
FoldStringA
SetThreadContext
CreateWaitableTimerW
LoadLibraryExA
GetPrivateProfileSectionW
GetTimeFormatW
HeapReAlloc
GlobalFindAtomA
GetOEMCP
GetTimeZoneInformation
HeapDestroy
HeapAlloc
RtlZeroMemory
CommConfigDialogA
GetNamedPipeHandleStateA
OpenMutexW
WriteConsoleOutputA
GetSystemTime
GetTempFileNameW
TlsFree
GlobalAddAtomW
CompareStringW
SystemTimeToFileTime
EnumCalendarInfoA
EnumResourceNamesW
TerminateProcess
TlsAlloc
WriteConsoleInputW
LCMapStringA
GetModuleHandleA
GetEnvironmentStringsW
EnumSystemLocalesW
GetCurrentProcessId
GetStdHandle
WritePrivateProfileStringA
HeapCreate
LCMapStringW

gdi32

CloseMetaFile
SetMiterLimit
ColorMatchToTarget
SetDIBColorTable
EnumObjects
GetDeviceCaps
DeleteObject
FixBrushOrgEx
OffsetWindowOrgEx
SelectObject
CreateFontIndirectA
GetTextExtentPointW
GetICMProfileA
BitBlt
GetCharABCWidthsW
EnumEnhMetaFile
DeleteDC
EnumFontFamiliesExA
GetCharacterPlacementW
CreateDCA
GetROP2
LineDDA
ColorCorrectPalette
GetCharWidthFloatW
PlayMetaFile
PolyBezier
GetOutlineTextMetricsW
GetRandomRgn
GetObjectA

comctl32

InitMUILanguage
InitCommonControlsEx

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c53f756deb0da5ad03c99e9064980869

Headers

File Characteristics

Imports

advapi32

user32

kernel32

gdi32

comctl32

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 112KB - Virtual size: 123KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 112KB - Virtual size: 123KB

.rsrc
Size: 20KB - Virtual size: 16KB