4ecc6b4c9b0dd7eee413618f99f9d465

Sharing

Copy URL Twitter E-mail

General

Target

4ecc6b4c9b0dd7eee413618f99f9d465
Size

128KB
MD5

4ecc6b4c9b0dd7eee413618f99f9d465
SHA1

3800d6432d23cae49b6202c2f1f19eb259c37290
SHA256

8a7a25ae26049916d4cf4ce306a747878751aaec66ea096a7f074062f7ef7185
SHA512

0876a086c85d086d684b1a3d81c72e38da84d0c180d6079c915356939563008ba8e46cd972738dad798c20d21e6b576841f0389d3fd7437148fc7addcc461354
SSDEEP

3072:kaq4GU+L40iYmg7xA7f0HLZuytiq7YqnaY80eun9:kagUTl41HptBhheW9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ecc6b4c9b0dd7eee413618f99f9d465

Files

4ecc6b4c9b0dd7eee413618f99f9d465
.exe windows:4 windows x86 arch:x86

f4b96025d790e521a9eb40f0c10528c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetDefaultIMEWnd

binkw32

_BinkOpenDirectSound@4
_BinkBufferSetOffset@12
_BinkBufferCheckWinPos@12
_BinkWait@4
_BinkDoFrame@4
_BinkBufferBlit@12
_BinkCopyToBuffer@28
_BinkBufferUnlock@4
_BinkGetRects@8
_BinkNextFrame@4
_BinkClose@4
_BinkBufferLock@4
_BinkSetSoundSystem@8
_BinkOpen@8
_BinkSetSoundOnOff@8
_BinkBufferOpen@16
_BinkBufferSetResolution@12
_BinkBufferSetScale@12
_BinkBufferClose@4

kernel32

SetUnhandledExceptionFilter
VirtualAlloc
HeapSize
HeapAlloc
HeapReAlloc
WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineA
GetCommandLineW
IsBadCodePtr
CloseHandle
ReadFile
FreeLibrary
CompareStringA
InterlockedExchange
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
GetLastError
SetLastError
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LCMapStringA
RtlUnwind
ExitProcess
GetVersion
GetStringTypeA
GetEnvironmentStrings

user32

GetWindowRect
BeginPaint
EndPaint
TranslateMessage
PostQuitMessage
DestroyWindow
UpdateWindow
GetDC
ShowWindow
ShowCursor
GetSystemMetrics

gdi32

PatBlt
GetDeviceCaps

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f4b96025d790e521a9eb40f0c10528c1

Headers

File Characteristics

Imports

imm32

binkw32

kernel32

user32

gdi32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 76KB - Virtual size: 76KB