4f42b7c8bf1ef940d3ac5673737c8c30

Sharing

Copy URL Twitter E-mail

General

Target

4f42b7c8bf1ef940d3ac5673737c8c30
Size

678KB
MD5

4f42b7c8bf1ef940d3ac5673737c8c30
SHA1

2db3c629e95d336bae84f82dd1230f9a69d9bcc9
SHA256

95ef211d82a2475bb6f4d40a39d11907140b9704f9ddc37037fe83f204b0701b
SHA512

9d7dc303f8672283265d2c2932a6116a0b1b6a57ccf03361bc141c2ff97ef5fd86c5d8c2cea14334b1c1fbfcceee217e6edac3fd27038b47d0298fa2c96c7478
SSDEEP

12288:hOj974YnMV0syIHm25gtYBNEO7HFMyFXCeERYmJdLFDMfqXSOodH:hss9Hb5Wq7lfFXhOTond

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f42b7c8bf1ef940d3ac5673737c8c30

Files

4f42b7c8bf1ef940d3ac5673737c8c30
.exe windows:4 windows x86 arch:x86

83b2301d9d40fa4635acc9f78d5fc187

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragFinish
SHBrowseForFolderA
ExtractIconExW
ExtractIconW

wininet

FtpRemoveDirectoryW
InternetGetLastResponseInfoA
DeleteUrlCacheContainerW
InternetGetCertByURLA
GetUrlCacheEntryInfoA
LoadUrlCacheContent

kernel32

LoadLibraryW
LoadLibraryA
VirtualFree
IsDebuggerPresent
SetThreadAffinityMask
SetStdHandle
GetModuleFileNameW
HeapValidate
CreateFileA
TlsSetValue
GlobalUnfix
SetConsoleCtrlHandler
GetCompressedFileSizeW
IsValidCodePage
HeapDestroy
VirtualQuery
WriteConsoleA
LCMapStringA
GetEnvironmentStrings
GetFileType
HeapCreate
ExitProcess
UnhandledExceptionFilter
GetStartupInfoW
TerminateThread
FormatMessageA
SetEnvironmentVariableA
GetLocaleInfoA
ReadConsoleInputA
InterlockedDecrement
WaitForSingleObjectEx
CloseHandle
DebugBreak
SetLastError
HeapFree
LeaveCriticalSection
LCMapStringW
GetCurrentProcessId
ReadFile
QueryPerformanceCounter
FindAtomA
FreeLibrary
MultiByteToWideChar
EnterCriticalSection
GetSystemTimeAsFileTime
GetLongPathNameA
EnumResourceLanguagesA
InterlockedIncrement
GetEnvironmentStringsW
GetModuleHandleA
SetComputerNameW
EnumSystemLocalesA
LocalSize
TerminateProcess
GetOEMCP
InitializeCriticalSection
RaiseException
OutputDebugStringW
GetCurrentThread
IsBadReadPtr
WriteFile
GetSystemTimeAdjustment
HeapAlloc
GetFileAttributesA
GetVersionExA
GetTickCount
GetCurrentThreadId
WriteProfileSectionW
IsValidLocale
GetCurrentProcess
OpenMutexA
IsBadWritePtr
VirtualAlloc
GetACP
GetDateFormatA
FillConsoleOutputAttribute
GetSystemInfo
GetStringTypeA
WriteConsoleW
TlsGetValue
GetTimeZoneInformation
GetConsoleCP
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
FlushFileBuffers
GetStartupInfoA
GetUserDefaultLCID
HeapReAlloc
WideCharToMultiByte
GetConsoleOutputCP
GetModuleFileNameA
GetStringTypeW
CreateMutexA
GetConsoleMode
GetLocaleInfoW
CompareStringA
DeleteCriticalSection
TlsAlloc
CompareStringW
GetProcessHeap
InterlockedExchange
GetLastError
CreateSemaphoreW
GetTimeFormatA
SetFilePointer
GetCPInfo
TlsFree
GetCommandLineA
GetStdHandle
SetHandleCount
GetProfileStringA
GetProcAddress
lstrlenA
OutputDebugStringA
RtlUnwind
FreeEnvironmentStringsW

comdlg32

FindTextW
GetOpenFileNameA

user32

DlgDirListComboBoxW
RegisterClassA
WinHelpA
LoadImageW
SetWindowTextW
RegisterClassExA
GetNextDlgGroupItem
DrawFrame

comctl32

InitCommonControlsEx

Sections

.text
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83b2301d9d40fa4635acc9f78d5fc187

Headers

File Characteristics

Imports

shell32

wininet

kernel32

comdlg32

user32

comctl32

Sections

.text Size: 273KB - Virtual size: 273KB

.rdata Size: 46KB - Virtual size: 64KB

.data Size: 356KB - Virtual size: 356KB

.rsrc Size: 512B - Virtual size: 360B

.text
Size: 273KB - Virtual size: 273KB

.rdata
Size: 46KB - Virtual size: 64KB

.data
Size: 356KB - Virtual size: 356KB

.rsrc
Size: 512B - Virtual size: 360B