4e5fc3be3aa820536c12ef6a68ca167a[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

4e5fc3be3aa820536c12ef6a68ca167a.exe
Size

112KB
MD5

4e5fc3be3aa820536c12ef6a68ca167a
SHA1

a0648cc4d23a9d1023cd642e76286c85100d18d0
SHA256

ec082c354cda3a33cece1ef0b3b7bf3439fca2c0fdf897e98658856f587a5558
SHA512

eed8abe377c5c3be9b71151d13af963c3fa3a0cc4475098bb48a850f3520eef6b144767f8598cdcd4bdaa1636d16afc961e4766b852ce2d53a83dbd20cea43af
SSDEEP

1536:O2513tWOnIZkkKbgn0IBgajMfN35S8QfrR7F9KasLEHsZiiBRk:/11iMbg0I4lWAasIHI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e5fc3be3aa820536c12ef6a68ca167a.exe

Files

4e5fc3be3aa820536c12ef6a68ca167a.exe
.dll regsvr32 windows:4 windows x86 arch:x86

9418c1e4cfcebd4ca2314787f216e142

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchange
VirtualQuery
LoadLibraryA
ExpandEnvironmentStringsA
CreateFileA
VirtualProtect
GetComputerNameA
UnmapViewOfFile
InitializeCriticalSection
CopyFileA
GetModuleHandleA
ReadFile
LeaveCriticalSection
GetTickCount
InterlockedDecrement
ReleaseMutex
CreateMutexA
Sleep
DeleteFileA
GetProcAddress
CreateThread
GetSystemTimeAsFileTime
LocalFree
CreateDirectoryA
EnterCriticalSection
CreateFileMappingA
InterlockedIncrement
MapViewOfFile
WriteFile
SetFilePointer
GetEnvironmentStrings
SetEnvironmentVariableA
GetNumberFormatW
GetModuleFileNameW
LocalUnlock
SystemTimeToFileTime
ProcessIdToSessionId
SetVolumeLabelW
GetDateFormatA
FindNextVolumeMountPointW
FindResourceA
WriteProcessMemory
GetExitCodeProcess
SetConsoleActiveScreenBuffer
QueueUserWorkItem
IsBadCodePtr
GetTimeFormatA
GetThreadLocale
LocalAlloc
GetCommandLineA
CreateMailslotW
DisconnectNamedPipe
GetConsoleMode
MoveFileExA
VirtualFree
GetTimeZoneInformation
GetAtomNameA
MoveFileW
DeleteFileW
SetComputerNameA
LockFileEx
MoveFileExW
GetFileType
FindResourceExW
GetTempPathW
GetProcessVersion
GetSystemDirectoryA
ReadProcessMemory
GetThreadTimes
ReadConsoleA
Beep
CompareStringA
GetWindowsDirectoryW
GlobalFlags
HeapUnlock
lstrcmpW
LockFile
HeapSize
SetNamedPipeHandleState
FileTimeToDosDateTime
GetEnvironmentStringsW
FindAtomA
OpenFileMappingW
ReadDirectoryChangesW
GetTimeFormatW
GetLongPathNameW
EnumUILanguagesW
lstrcatW
EscapeCommFunction
WriteConsoleInputA
GetVolumePathNamesForVolumeNameW
GetFileAttributesExA
WriteConsoleW
IsValidLocale
WriteProfileStringA
CancelIo
AddAtomW
FormatMessageW
ExitThread
FindFirstChangeNotificationW
GetCurrentDirectoryA
ConnectNamedPipe
CreateIoCompletionPort
GetNumberFormatA
SetConsoleCursorPosition
CreateTimerQueueTimer
SetFileApisToOEM
IsBadHugeWritePtr
WriteFileEx
GetUserDefaultLangID
GetFullPathNameA
IsBadWritePtr
DuplicateHandle
HeapCreate
CompareStringW
FreeConsole
GetTempFileNameW
GetFullPathNameW
FindAtomW
FindResourceW
GetSystemTimeAdjustment

user32

GetWindowTextLengthA
GetMenuCheckMarkDimensions
CharUpperBuffW
GetSystemMenu
RegisterWindowMessageA
SetMenuItemInfoW
ToAsciiEx
GetCursorPos
InvalidateRect
CharPrevA
GetSystemMetrics
SetSysColors
OpenIcon
CreateWindowExW
ChangeDisplaySettingsA
wsprintfW
SetRectEmpty
CharUpperW
SendMessageW
GetParent
MessageBoxExA
CharUpperBuffA
ScrollDC
WinHelpW
CheckDlgButton
MessageBoxExW
CloseWindowStation
LoadAcceleratorsW
GrayStringA
wvsprintfA
SetWindowTextW
SetDlgItemTextW
SetMenuItemInfoA
SetWindowPlacement
FrameRect
CharUpperA
GetMenu
GetMenuItemID
InsertMenuA
GetWindowTextW
GetDesktopWindow
OpenWindowStationW
UnpackDDElParam
DefFrameProcW
GetNextDlgGroupItem
EnumThreadWindows
DrawFrameControl
AppendMenuW
LoadMenuW
SetCaretPos
SetParent
GetWindowContextHelpId
GetKeyNameTextA
GetFocus
GetClassInfoExA
SetWindowsHookExW
GetPropA
GetDlgCtrlID
GetDlgItemTextW
KillTimer
SetMessageQueue
FindWindowExW
IsDialogMessageA
MapVirtualKeyExW
DrawAnimatedRects
DrawTextA
CreateDialogIndirectParamA
SendDlgItemMessageA
GetMessageExtraInfo
CheckRadioButton
CallWindowProcW
GetTabbedTextExtentA
CharNextExA
GetProcessDefaultLayout
OemToCharBuffA
AppendMenuA
SetProcessDefaultLayout
IsDlgButtonChecked
LoadStringW
GetClassNameW
UnregisterHotKey
GetMenuItemCount
GetShellWindow
MoveWindow
DrawTextExW
RemoveMenu
GetClassInfoExW
SetForegroundWindow
GetScrollPos
SetProcessWindowStation
DrawIcon
EqualRect
OemToCharA
IsWindowEnabled
GetMenuStringW
LoadImageA
IsWindow
TrackMouseEvent
CopyIcon
NotifyWinEvent
CreateIcon
GetMenuDefaultItem
IsCharAlphaW
GetMessageTime
GrayStringW
BroadcastSystemMessageW
LoadImageW
ShowCaret
wvsprintfW
DestroyIcon
ReuseDDElParam
TrackPopupMenuEx
MapVirtualKeyW
CreateIconIndirect
DrawMenuBar
DeferWindowPos
ModifyMenuW
GetWindowTextA
GetAncestor
DrawTextW
DeleteMenu
TrackPopupMenu
DefFrameProcA
GetGUIThreadInfo
ValidateRect
SystemParametersInfoW
FindWindowExA
PostMessageW
SetWindowLongA
FindWindowA
CallNextHookEx
RegisterClassExA
GetWindowLongA
SendMessageA
GetClientRect
DispatchMessageA
CreateWindowExA
DefWindowProcA
SetWindowsHookExA
PeekMessageW

shlwapi

PathFindNextComponentW
StrStrIW
wvnsprintfW
SHGetValueW
PathGetCharTypeA
PathIsDirectoryW
StrDupA
PathFileExistsA
SHRegGetUSValueW
StrRetToBufW
StrDupW
StrCmpW
StrFormatKBSizeW
StrChrW
UrlCreateFromPathW
StrCmpIW
PathCommonPrefixW
PathUndecorateW
StrToIntW
PathFindExtensionW
PathAddBackslashA
PathRemoveFileSpecA
PathIsPrefixW
StrChrA
PathCombineW
StrStrW
PathFindFileNameA
StrToIntExW
StrTrimW
StrRChrW
SHAutoComplete
SHGetValueA
PathRemoveBackslashW
StrStrA
PathIsUNCServerW
StrCatW
StrNCatW
SHDeleteKeyA
SHRegGetValueW

shell32

ShellExecuteExW
SHGetFolderLocation
ExtractIconExA
SHBrowseForFolderW
DragAcceptFiles
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
DragFinish
ShellExecuteW
SHFileOperationA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9418c1e4cfcebd4ca2314787f216e142

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

shell32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB