4f4ab8d34aabe0ed9b2b766c38b38795

Sharing

Copy URL Twitter E-mail

General

Target

4f4ab8d34aabe0ed9b2b766c38b38795
Size

3.3MB
MD5

4f4ab8d34aabe0ed9b2b766c38b38795
SHA1

38f2db736a94452f785aeacd93d0afde1bc1cb11
SHA256

cd2149a741b09a07ac3fe101b091b90616254f19628c21ebac224a785e882cf3
SHA512

758676c99cb7215b214894df43c60f36841292c2e610b15acc68e0d24737b17c86bb1bdac8ca4fb838c2ae17a3e0896f6b9e3c6cb5f4a4b6b542a343d9b19955
SSDEEP

24576:Ar5KstqXZoDWpPBLMPpavOdex6MTehgKwTLQeQHfTjMwmw4+2SBE:OyoyuxMvSHJ2t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f4ab8d34aabe0ed9b2b766c38b38795

Files

4f4ab8d34aabe0ed9b2b766c38b38795
.exe windows:5 windows x86 arch:x86

38b451c8c1a40be37e319bb7e0d9dd8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
LocalAlloc
VirtualAllocEx
HeapAlloc
HeapReAlloc
ExitProcess
GetCurrentThreadId
GetLastError
CloseHandle
SetCommTimeouts
GetLocalTime
TlsAlloc
GetModuleHandleW
GetConsoleWindow
GlobalUnlock
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
GlobalAlloc
GetModuleHandleA
GetStartupInfoW
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TlsSetValue
SetLastError
TlsGetValue
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
GetProcAddress
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte

user32

GetClassInfoW
MoveWindow
IsWindowEnabled
SetWindowLongW
CreateCaret
ScrollDC
GetDC
SetMenuInfo
DeleteMenu
RemoveMenu
GetMenuItemCount

userenv

EnterCriticalPolicySection
LeaveCriticalPolicySection
GetUserProfileDirectoryW

gdi32

TranslateCharsetInfo

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t0i8ia
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r325i
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38b451c8c1a40be37e319bb7e0d9dd8d

Headers

File Characteristics

Imports

kernel32

user32

userenv

gdi32

Sections

.text Size: 57KB - Virtual size: 57KB

.data Size: 12KB - Virtual size: 6.8MB

.idata Size: 2KB - Virtual size: 2KB

.t0i8ia Size: 1.4MB - Virtual size: 1.4MB

.r325i Size: 1.7MB - Virtual size: 1.7MB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 57KB

.data
Size: 12KB - Virtual size: 6.8MB

.idata
Size: 2KB - Virtual size: 2KB

.t0i8ia
Size: 1.4MB - Virtual size: 1.4MB

.r325i
Size: 1.7MB - Virtual size: 1.7MB

.rsrc
Size: 5KB - Virtual size: 4KB