4f001e9fd4edf211e0c0eb51fa9b5389

Sharing

Copy URL

Twitter E-mail

General

Target

4f001e9fd4edf211e0c0eb51fa9b5389
Size

159KB
MD5

4f001e9fd4edf211e0c0eb51fa9b5389
SHA1

ee392605cc44e956e1782d173fbe10bd950bd6bf
SHA256

39b9ddff123eacbe1be553f42793d4e37dc26a851b78940ee98c6ebbe588e7b1
SHA512

838816c48e4c673afba387416454cc1b5776004afea0f6f7a92dc8788cb90eda3616c015e8a29b823e86b0513d535a40034323d1e47ca6aa3b9a40fbcdda3eb2
SSDEEP

3072:pSasd6qvPj0cogkwvFOOyxgrrKHBdcO5fmVNHXLdwEBjV1/Ia4NFUYH/n:pY0qz0aHOjXcOBmvHXt+NFUYHP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f001e9fd4edf211e0c0eb51fa9b5389

Files

4f001e9fd4edf211e0c0eb51fa9b5389
.exe windows:4 windows x86 arch:x86

4100ef91ba80daa1e13464a35374f9b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetModuleFileNameA
SetEndOfFile
GetFileAttributesA
GetDriveTypeA
GetConsoleMode
CreateFileA
GlobalAlloc
GetLocaleInfoW
ReadFile
GetEnvironmentVariableA
GetSystemTimeAsFileTime
UnmapViewOfFile
GlobalReAlloc
GetProcessHeap
DeleteCriticalSection
GetSystemDirectoryA
IsBadStringPtrA
GetLocaleInfoA
EnterCriticalSection
IsBadReadPtr
FreeLibrary
GetStartupInfoA
WriteConsoleW
CreateEventA
VirtualFree
FlushFileBuffers
SetThreadAffinityMask
GetModuleHandleA
GetTimeFormatA

gdi32

GetDeviceCaps
BitBlt
SetTextColor
GetStockObject
GetBkMode
SetBkColor
GetObjectA
Rectangle
SetBkMode
CreateSolidBrush
Polyline
CreateRectRgn
SetMapMode
GetTextExtentPoint32A
StartDocA
LineTo
CreateFontIndirectA
CreateCompatibleBitmap
CreateRectRgnIndirect
SelectClipRgn
SetROP2

msvcrt

memcpy
exit
_wsystem
modf
_wputenv
__p__commode
iswalnum
_fileinfo
_read
_close
_mbscat
_safe_fdivr
_mbsnbicoll
_wcsicmp
_wfindfirst
_chdrive
_aligned_offset_malloc
__setusermatherr
_wsearchenv
_acmdln
_XcptFilter
_winminor
_wfindnext64
_pgmptr
_mbsnbcpy
_mbctombb
__getmainargs
_ltow
_wmkdir
_ismbbalnum
wcscoll
_controlfp
_vscprintf
__set_app_type
_wmakepath
_except_handler3
_execve
_heapmin
_mbclen
_atodbl
__p__fmode
_fdopen
_initterm
_exit
_adjust_fdiv
_sopen
atan

user32

GetDC
GetWindowRect
GetDlgItem
ExitWindowsEx
MessageBoxA
EndPaint
EnumChildWindows
SetMenuItemInfoA
GetSystemMetrics
DrawIconEx
SendMessageTimeoutA
PtInRect
GetDoubleClickTime
LoadImageA
DeferWindowPos
GetCapture
KillTimer
CreateIconIndirect
SendMessageA
GetMessageA
wsprintfA
UpdateWindow
GetWindow
IsZoomed
CreateWindowExA

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4100ef91ba80daa1e13464a35374f9b9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

msvcrt

user32

Sections

.text Size: 138KB - Virtual size: 138KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 80KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 138KB - Virtual size: 138KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 80KB

.rsrc
Size: 7KB - Virtual size: 7KB