4f321e826efa1fbae4650459a8bd09a3

Sharing

Copy URL Twitter E-mail

General

Target

4f321e826efa1fbae4650459a8bd09a3
Size

38KB
MD5

4f321e826efa1fbae4650459a8bd09a3
SHA1

b9132f1662936935904c62e3ff7bc615c6e62627
SHA256

d95d94a4f773878ac5306b06dcad51f8806880a541a503d4ae083c8559da7b3e
SHA512

0b6b12ebdb9ac85739d575044bb6ceb9e7951c597ba54d70809a8da9fb448f74cdd32f9cd88607398bbad4bbd2fc017c7aa5545c1aa9af02c843cb2d0ee8325d
SSDEEP

768:B2IsW/N/Ehuxv2Z8maKQbCqsT3zYXC8f7:BR1NeuzeqsTDgCa7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f321e826efa1fbae4650459a8bd09a3

Files

4f321e826efa1fbae4650459a8bd09a3
.exe windows:4 windows x86 arch:x86

dbd4e41ed8a9d86f8584331d17fb82da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CopyFileExW
GetFileSize
GetCPInfo
GetConsoleMode
GetStdHandle
ReadConsoleA
CreateDirectoryA
GetCommandLineA
CopyFileA
FindFirstFileA
CopyFileExA
GetFileTime
SetLastError
FindAtomA
GlobalFree
ExitThread
OpenFileMappingA
DeleteFileW
WriteFile
ReadFile
GlobalFree
CopyFileA
GetLastError
Sleep
GetFileTime
FindAtomA
DeleteFileA
GetStdHandle
ReadConsoleA
GetCPInfo
FindFirstFileA
CreateProcessA
GetConsoleMode
ExitThread
CreateDirectoryA
DeleteAtom
CopyFileA
ReadFile
GetConsoleMode
OpenFile
GetFileSize
CopyFileExA
GlobalFree
ReadConsoleA
Sleep
GetCPInfo
DeleteFileA

comctl32

ImageList_GetImageCount
ImageList_DrawIndirect
ImageList_DragShowNolock
ImageList_Copy
ImageList_LoadImage
ImageList_DragEnter
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_DrawEx
ImageList_Replace
ImageList_Read
ImageList_AddMasked
ImageList_GetDragImage
ImageList_Destroy
ImageList_DragEnter
ImageList_AddIcon
ImageList_Copy
InitCommonControls
ImageList_BeginDrag
ImageList_GetImageRect
ImageList_EndDrag
ImageList_Merge
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_LoadImage
ImageList_GetImageCount
ImageList_Draw
ImageList_DragLeave

user32

GetMenu
GetWindowTextA
DrawIcon
GetFocus
LoadCursorA
BlockInput
IsWindow
DialogBoxParamW
GetDC
AppendMenuA
DialogBoxParamA
DrawIconEx
InsertMenuA
GetWindowTextA
DrawTextW
CreateIcon
CloseWindow
LoadMenuA
GetWindowTextLengthA
GetCursor
BlockInput
CopyImage
InsertMenuA
GetMenu
CopyIcon
CalcMenuBar
DrawIcon
IsWindow

gdi32

SetTextColor
CloseFigure
AddFontResourceExA
GetPixel
BitBlt
GetBrushOrgEx
AddFontResourceW
GetClipBox
GetBitmapBits
RestoreDC
GetPixel
AbortPath
ExcludeClipRect
ClearBitmapAttributes
GetPixel
AddFontResourceTracking
RestoreDC
ClearBitmapAttributes
AddFontResourceA
SetTextColor
GetBrushOrgEx
CloseFigure
AddFontMemResourceEx
BeginPath
GetPixel
BitBlt
CopyMetaFileA
CloseMetaFile
GetDCOrgEx
AddFontResourceExA

advapi32

RegEnumKeyExA
RegOpenKeyW
RegOpenKeyA
RegDeleteKeyW
RegLoadKeyA
RegReplaceKeyW
RegEnumKeyW
RegFlushKey
RegQueryValueExW
RegOpenKeyExA
RegReplaceKeyA
RegCreateKeyExW
RegEnumValueW
RegDeleteValueA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbd4e41ed8a9d86f8584331d17fb82da

Headers

File Characteristics

Imports

kernel32

comctl32

user32

gdi32

advapi32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 22KB - Virtual size: 38KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 22KB - Virtual size: 38KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: - Virtual size: 1KB