4ed4944eda07ac6eb84323018f151083

Sharing

Copy URL Twitter E-mail

General

Target

4ed4944eda07ac6eb84323018f151083
Size

528KB
MD5

4ed4944eda07ac6eb84323018f151083
SHA1

a3e6c7a61924af67c69f7c5fde6c86095d49f6a8
SHA256

001aabd7463d62388c0417e6d7744aecd1e0a69b833f16179bd11dccb6483744
SHA512

0b5afa2ee5e30326b8d36bb1a199c73885040f4978be99daff09b5d6061e125b7a2953300a219f7007b911156c07c1cc1f40270ed6eec9c77786edd95dd37f98
SSDEEP

12288:/V0j3OPyfJ8mKiyGppz4xAy6UFL8/+S8A:iePySwbz/6Fw/+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ed4944eda07ac6eb84323018f151083

Files

4ed4944eda07ac6eb84323018f151083
.exe windows:4 windows x86 arch:x86

c378b82fd4c0e7253438547907fc52ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
GetCommandLineA
RemoveDirectoryW
InitializeCriticalSection
GetCurrentProcessId
GetCPInfo
GetStringTypeW
HeapFree
SetThreadAffinityMask
MultiByteToWideChar
FreeEnvironmentStringsA
InterlockedExchange
TlsAlloc
GlobalFree
GetACP
SetFilePointer
VirtualAlloc
VirtualProtect
GetLogicalDriveStringsW
lstrcpyW
OpenMutexA
GetPrivateProfileSectionNamesA
WideCharToMultiByte
GetEnvironmentVariableW
CreateWaitableTimerA
MapViewOfFile
GetTickCount
GetMailslotInfo
QueryPerformanceCounter
FreeEnvironmentStringsW
GetUserDefaultLCID
VirtualQueryEx
GetLocalTime
LCMapStringW
FindAtomA
ReadFile
VirtualQuery
ExitProcess
LockFile
GetEnvironmentStrings
GetStartupInfoA
CreateEventW
UnhandledExceptionFilter
lstrlen
GetCurrentThreadId
DebugBreak
FillConsoleOutputCharacterW
DeleteCriticalSection
LoadLibraryA
TlsSetValue
SetConsoleCursorInfo
SetLastError
TlsGetValue
GetLastError
GetShortPathNameW
LocalShrink
FindFirstFileA
CompareStringW
CloseHandle
GetEnvironmentStringsW
TlsFree
ConvertDefaultLocale
EnterCriticalSection
GetStdHandle
WaitForSingleObject
GetStringTypeA
SetStdHandle
ResumeThread
GetShortPathNameA
EnumResourceLanguagesW
SetConsoleCtrlHandler
HeapReAlloc
SetUnhandledExceptionFilter
HeapCreate
GetModuleFileNameA
GetSystemTimeAsFileTime
CreateNamedPipeA
VirtualFree
LockResource
GetCurrencyFormatA
GetThreadTimes
OpenEventA
RtlUnwind
CompareStringA
LCMapStringA
GetDateFormatW
FileTimeToLocalFileTime
GetOEMCP
OpenProcess
HeapDestroy
GetProfileSectionA
LeaveCriticalSection
WritePrivateProfileStructA
GetTimeFormatW
GetTimeZoneInformation
LocalReAlloc
lstrlenW
GetProcAddress
InterlockedDecrement
FlushFileBuffers
GetFileAttributesA
GetSystemTime
GetCurrentThread
InterlockedIncrement
GetVersion
GetModuleHandleA
RemoveDirectoryA
TerminateProcess
GetFileType
HeapAlloc
SetEnvironmentVariableA
CreateMutexA
IsBadWritePtr
GetCurrentProcess
WriteFile

shell32

ShellExecuteW
SHLoadInProc
FindExecutableW

advapi32

LookupPrivilegeDisplayNameA
CryptGenRandom
ReportEventA
RegQueryValueA
CryptDestroyHash
LookupPrivilegeValueA
RegLoadKeyW
CryptAcquireContextA
CryptEnumProvidersW
RegSetValueExA
CryptSetProviderExA
RegCloseKey
StartServiceA
CryptImportKey

user32

SetDoubleClickTime
TabbedTextOutW
DestroyWindow
CreateDesktopA
CopyIcon
DialogBoxParamA
SetUserObjectSecurity
PostMessageW
LoadBitmapA
DdeConnectList
GetScrollInfo
DefWindowProcA
GetWindowLongA
UnregisterDeviceNotification
EndDeferWindowPos
GetUserObjectInformationA
GetDesktopWindow
MessageBoxA
GetWindow
ShowCaret
DestroyCursor
SetClassLongW
CreateWindowExA
EnumDisplaySettingsA
FindWindowExW
SetRect
RegisterClassExA
ShowWindow
IsCharAlphaW
RegisterClassA
GetDlgItemTextA

comctl32

CreateStatusWindowW
ImageList_DragMove
_TrackMouseEvent
InitCommonControlsEx
DrawStatusText
ImageList_Copy
ImageList_GetDragImage
ImageList_Create
ImageList_Draw
ImageList_SetImageCount
ImageList_LoadImageA
ImageList_Remove
ImageList_GetImageRect
ImageList_Read
ImageList_SetFilter
ImageList_Add
ImageList_SetBkColor
ImageList_Write
DrawInsert
DrawStatusTextW
ImageList_ReplaceIcon
ImageList_GetIconSize

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c378b82fd4c0e7253438547907fc52ea

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

user32

comctl32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 108KB - Virtual size: 125KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 108KB - Virtual size: 125KB

.rsrc
Size: 24KB - Virtual size: 20KB