4f5903f200f0ca1a0047ac7f33da1a47

Sharing

Copy URL Twitter E-mail

General

Target

4f5903f200f0ca1a0047ac7f33da1a47
Size

612KB
MD5

4f5903f200f0ca1a0047ac7f33da1a47
SHA1

b4853df9fa38ea7d85e99bba718f9fb3d4354d36
SHA256

a90cd8a7e3d6b392a46321378fc98befd0016b21fcc29aa51b22977b4d9416f0
SHA512

b4cf6aad376f6bfdfddf09d5f86f694d33f3431dd9233ecc00651648e000ea2534528b9bea4dca5c01be47eccfa74d56e392b5c40acc84bc997511c970568de1
SSDEEP

12288:cs9Q+AIT5BXHw8gcTFRAuazR41M/exR4DcWfBkKyMHURj:cxi5BXqcTFROG3oAWAB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f5903f200f0ca1a0047ac7f33da1a47

Files

4f5903f200f0ca1a0047ac7f33da1a47
.exe windows:4 windows x86 arch:x86

ed6f27084c869845a6573cd42094e75c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeConnect
GetScrollBarInfo
UnpackDDElParam
DrawStateA
IsChild
RegisterClassExA
EnumWindowStationsA
RegisterClassA
DialogBoxIndirectParamW

gdi32

EnumMetaFile
GdiPlayJournal
GetDeviceCaps
FixBrushOrgEx
GdiFlush

kernel32

HeapCreate
Sleep
IsValidCodePage
VirtualAlloc
TlsSetValue
GetOEMCP
TlsGetValue
GetConsoleOutputCP
TlsAlloc
WideCharToMultiByte
UnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
GetFileType
SetStdHandle
ExitProcess
GetModuleHandleA
HeapAlloc
GetCommandLineA
IsDebuggerPresent
lstrcmpW
SetUnhandledExceptionFilter
SetEnvironmentVariableA
GetLastError
HeapReAlloc
GetStringTypeW
GetTickCount
GetEnvironmentStringsW
GetConsoleCP
ReadFile
QueryPerformanceCounter
GetUserDefaultLCID
InterlockedDecrement
GetTimeFormatA
TlsFree
HeapDestroy
MultiByteToWideChar
SetLastError
OpenMutexA
WriteConsoleW
GetSystemTimeAsFileTime
InterlockedExchange
LeaveCriticalSection
InterlockedIncrement
FreeEnvironmentStringsW
GetVersionExA
GetProcAddress
FreeLibrary
WriteConsoleA
WriteFile
GetCurrentThread
IsValidLocale
RtlUnwind
CompareStringW
LCMapStringA
VirtualFree
EnumSystemLocalesA
EnterCriticalSection
GetEnvironmentStrings
CreateFileA
GetStdHandle
CloseHandle
HeapSize
GetACP
GetConsoleMode
GetLocaleInfoA
GetStartupInfoA
GetTimeZoneInformation
HeapFree
SetHandleCount
GetCurrentProcess
LCMapStringW
TerminateProcess
CreateMutexA
GetProcessHeap
GetProcAddress
GetStringTypeA
GetLocaleInfoW
LoadLibraryA
SetConsoleCtrlHandler
GetModuleFileNameA
SetFilePointer
GetCPInfo
VirtualQuery
FlushFileBuffers
GetDateFormatA
InitializeCriticalSection
FreeEnvironmentStringsA
DeleteCriticalSection
CompareStringA

comctl32

InitCommonControlsEx

wininet

InternetDialA
InternetGetConnectedState
FindFirstUrlCacheEntryA
RetrieveUrlCacheEntryFileW
GopherGetAttributeA
InternetSetCookieW
FindFirstUrlCacheEntryExA

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed6f27084c869845a6573cd42094e75c

Headers

File Characteristics

Imports

user32

gdi32

kernel32

comctl32

wininet

Sections

.text Size: 271KB - Virtual size: 271KB

.rdata Size: 9KB - Virtual size: 17KB

.data Size: 321KB - Virtual size: 320KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 271KB - Virtual size: 271KB

.rdata
Size: 9KB - Virtual size: 17KB

.data
Size: 321KB - Virtual size: 320KB

.rsrc
Size: 9KB - Virtual size: 8KB