4ec8750333ab3bb4f2d6ceaff24896a4

General

Target

4ec8750333ab3bb4f2d6ceaff24896a4
Size

401KB
MD5

4ec8750333ab3bb4f2d6ceaff24896a4
SHA1

17208c14eab1945bf4c61760c1c18fe3764b3c04
SHA256

9a5fb631bb9a85457dcce49aa2fba3193d27eeec0adb68bdea0019d84b222d9c
SHA512

a4c454a4081c4c6aa003163143640999b70dd49fba3a0b999e13377cc9ac61a22a5bc5242f80372b8a2957d8746a4f90750ac6bbbbed16bce668eb29be763793
SSDEEP

12288:COWLtvrcFFrpvnZgiZ0R3DjkeVANnnUow7s9:55F2tXkEsU1Y9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ec8750333ab3bb4f2d6ceaff24896a4

Files

4ec8750333ab3bb4f2d6ceaff24896a4
.exe windows:4 windows x86 arch:x86

ae90a66df6c6d46186c230c21a4bd826

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetACP
TlsFree
EnterCriticalSection
RtlUnwind
HeapSize
DeleteCriticalSection
GetCurrentProcess
GetTimeZoneInformation
VirtualAlloc
UnhandledExceptionFilter
SetLastError
HeapReAlloc
GetStringTypeA
MapViewOfFileEx
GetStdHandle
GetEnvironmentStrings
TlsSetValue
GetModuleFileNameA
GetFileType
HeapDestroy
ExitProcess
GetLocaleInfoW
HeapCreate
IsValidCodePage
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetDateFormatA
LeaveCriticalSection
QueryPerformanceCounter
CreateFileMappingA
SetEnvironmentVariableA
OpenFileMappingA
WriteFile
GetCurrentThreadId
GetCurrentThread
HeapAlloc
GetSystemInfo
HeapFree
LoadLibraryW
VirtualFree
GetCurrentProcessId
CompareStringW
InitializeCriticalSection
GetVersionExA
ReadConsoleOutputCharacterA
LCMapStringW
GetCommandLineA
GetOEMCP
IsBadWritePtr
GetEnvironmentStringsW
SetHandleCount
TlsGetValue
LCMapStringA
FreeEnvironmentStringsA
GetModuleHandleA
WideCharToMultiByte
GetLocaleInfoA
CompareStringA
EnumSystemLocalesA
VirtualProtect
GetCommandLineW
WriteProfileSectionA
GetCPInfo
IsValidLocale
GetProcAddress
GetStartupInfoA
GetStringTypeW
FreeEnvironmentStringsW
TlsAlloc
InterlockedExchange
MultiByteToWideChar
TerminateProcess
GetTimeFormatA
VirtualQuery

comdlg32

PageSetupDlgW
ReplaceTextW
PrintDlgW

user32

GetProcessWindowStation
CreateCursor
DestroyMenu
RealChildWindowFromPoint

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae90a66df6c6d46186c230c21a4bd826

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

Sections

.text Size: 113KB - Virtual size: 112KB

.data Size: 275KB - Virtual size: 300KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 113KB - Virtual size: 112KB

.data
Size: 275KB - Virtual size: 300KB

.rsrc
Size: 12KB - Virtual size: 11KB