4e9f6e9ea3cba55f06f057de520842fa

Sharing

Copy URL Twitter E-mail

General

Target

4e9f6e9ea3cba55f06f057de520842fa
Size

265KB
MD5

4e9f6e9ea3cba55f06f057de520842fa
SHA1

da8daa1349ab1612aaf89f402e173861525599e1
SHA256

8c0f6655f91e7652066e6b8f27da4f35ce04da0dd0444ff6fb03501afe34b448
SHA512

66d395f35388d0a61f1006c5727fc47d0c7597985fc1734d8e9ed3ef1587fee3728d99e9afbb5444ff6ced16ff788de1a8ae9ffd3fc896a3d343ee66adc73725
SSDEEP

6144:ljCAFSzN1hHqYaS0L4Q9sJnLGciApO1wwd77zlPJDnHu:lj5aN1lqYaHGpiApnwdx1nH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e9f6e9ea3cba55f06f057de520842fa

Files

4e9f6e9ea3cba55f06f057de520842fa
.exe windows:4 windows x86 arch:x86

a8fbf102d150d50d7779fefe3f48e407

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetDialStateW
CreateUrlCacheEntryW
InternetCrackUrlA
FreeUrlCacheSpaceA
HttpSendRequestA
GopherFindFirstFileA
InternetGoOnlineW
GopherGetLocatorTypeW
InternetTimeToSystemTime
DeleteUrlCacheContainerA
InternetInitializeAutoProxyDll
InternetWriteFileExA
InternetCloseHandle
InternetQueryOptionW
DeleteUrlCacheGroup
InternetSetDialState
InternetSecurityProtocolToStringW
HttpOpenRequestW
InternetGetCookieA
HttpSendRequestW
SetUrlCacheEntryGroup
InternetGoOnlineA
InternetConfirmZoneCrossing

comdlg32

ChooseFontW
LoadAlterBitmap
FindTextA
ChooseColorA
GetOpenFileNameA
PrintDlgW
GetSaveFileNameW
FindTextW
ChooseColorW
GetOpenFileNameW
ReplaceTextW
GetSaveFileNameA
ChooseFontA
PageSetupDlgA
PrintDlgA

shell32

ExtractIconEx
SHGetPathFromIDList
DragAcceptFiles
FindExecutableA
RealShellExecuteW
CommandLineToArgvW
ExtractAssociatedIconExW
SheChangeDirExW
SheChangeDirA
ShellAboutA

gdi32

GetBkColor
SetTextAlign
ScaleViewportExtEx
EnumFontsA
GetDCOrgEx
GetTextExtentExPointA
SetICMMode
GetFontData
CreatePen
EnumMetaFile

kernel32

HeapCreate
GetCommandLineA
GetEnvironmentStringsW
SetHandleCount
CompareStringA
WideCharToMultiByte
GetStringTypeW
GetModuleHandleA
GetCurrentThreadId
FreeLibrary
GetCurrentProcessId
GlobalCompact
GetTimeZoneInformation
IsValidCodePage
DeleteCriticalSection
FoldStringW
SetConsoleCtrlHandler
GetProcAddress
TlsGetValue
GetCurrentProcess
GetModuleHandleW
GetFileType
SetLastError
GetProfileSectionA
CompareStringW
GetTimeFormatA
CreateEventW
GetStartupInfoW
TerminateProcess
GetOEMCP
SystemTimeToFileTime
UnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapSize
GetTickCount
GetNamedPipeHandleStateW
GetDateFormatA
CreateNamedPipeA
GetLocaleInfoA
GetPrivateProfileSectionNamesA
GetStdHandle
GetShortPathNameA
HeapReAlloc
LeaveCriticalSection
GetCurrentThread
Sleep
EnterCriticalSection
IsDebuggerPresent
DeleteAtom
GetEnvironmentVariableW
LoadLibraryA
SetUnhandledExceptionFilter
LCMapStringW
GetCPInfo
GetACP
SetEnvironmentVariableA
VirtualLock
GetModuleFileNameW
VirtualFree
TlsAlloc
lstrcpyA
GetPrivateProfileStringW
GetCompressedFileSizeW
ExitProcess
GetStartupInfoA
GetStringTypeA
WriteFile
HeapAlloc
WritePrivateProfileStringA
VirtualAlloc
InterlockedExchange
HeapFree
GetLastError
EnumCalendarInfoExW
VirtualQueryEx
GetModuleFileNameA
RtlUnwind
LCMapStringA
DebugActiveProcess
IsValidLocale
HeapDestroy
InterlockedDecrement
TlsFree
GetUserDefaultLCID
InterlockedIncrement
QueryPerformanceCounter
GetCommandLineW
FreeEnvironmentStringsW
AddAtomW
EnumSystemLocalesA
VirtualQuery
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
MultiByteToWideChar
TlsSetValue

user32

GetMenuState
DlgDirListComboBoxW
DlgDirSelectExA
MapVirtualKeyW
WINNLSGetEnableStatus
BroadcastSystemMessageA

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8fbf102d150d50d7779fefe3f48e407

Headers

File Characteristics

Imports

wininet

comdlg32

shell32

gdi32

kernel32

user32

Sections

.text Size: 142KB - Virtual size: 141KB

.data Size: 113KB - Virtual size: 130KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 142KB - Virtual size: 141KB

.data
Size: 113KB - Virtual size: 130KB

.rsrc
Size: 8KB - Virtual size: 8KB