4faa38e016e39b5181a4026d2630b67a

General

Target

4faa38e016e39b5181a4026d2630b67a
Size

385KB
MD5

4faa38e016e39b5181a4026d2630b67a
SHA1

aea7b7cc9057b4c689aad8f85821ae89b471bd5f
SHA256

fa9f8a5816b978cb807baf602b18ea94571f4899ada9748bf760df5e2e3e6bfb
SHA512

97be3c4921751d504dd032ebaa1ab42ce69eb543543a6535551bd7caf0cee423ac328a43568c852b812d3a6017fc747611c7eb048073795908dd752096625c0c
SSDEEP

12288:5Ay9wCPrtxMmK4MvRvmI9jDYrWmu349CX8:5N+CTtxhK48RvmIBYr63VX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4faa38e016e39b5181a4026d2630b67a

Files

4faa38e016e39b5181a4026d2630b67a
.exe windows:4 windows x86 arch:x86

98df8721c81fc8589b3b0ea4587dacee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
EnumResourceTypesW
UnhandledExceptionFilter
VirtualAllocEx
RtlUnwind
GetPrivateProfileStructW
GetDiskFreeSpaceExA
GetCurrentProcess
GetProcAddress
VirtualAlloc
GetTimeFormatW
TransmitCommChar
HeapReAlloc
GetProfileStringW
WriteConsoleW
EnumSystemLocalesA
HeapFree
InterlockedExchange
GetModuleFileNameA
TerminateProcess
GetModuleHandleA
ExitProcess
GetCurrencyFormatA
WriteProfileStringA
LocalFlags
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetProfileStringA
SetConsoleTitleW
CreateRemoteThread
QueryPerformanceCounter
GetProfileIntA
SetVolumeLabelW
FindFirstFileA
VirtualQuery
GetCurrentThreadId
LeaveCriticalSection
HeapAlloc
WaitForSingleObjectEx

wininet

ShowSecurityInfo
SetUrlCacheConfigInfoA
InternetAutodialHangup
HttpAddRequestHeadersA
InternetTimeFromSystemTimeA
SetUrlCacheEntryGroup
CommitUrlCacheEntryA
ResumeSuspendedDownload
HttpSendRequestExA
FtpGetFileA
FindNextUrlCacheEntryExW
HttpQueryInfoW
InternetGoOnlineW
InternetWriteFileExA
InternetCanonicalizeUrlA
IsHostInProxyBypassList
FindFirstUrlCacheContainerA
FtpCreateDirectoryW
SetUrlCacheEntryGroupA

gdi32

DPtoLP
LPtoDP
SetBoundsRect
CreateEllipticRgnIndirect
SetDeviceGammaRamp
SetStretchBltMode
GetDIBColorTable
DeleteDC
PtInRegion
GetEnhMetaFileDescriptionA
SetAbortProc
GetMetaFileW
PlayEnhMetaFile
CreateICW
GetTextExtentExPointW
GetCharWidthA
GetBitmapDimensionEx

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98df8721c81fc8589b3b0ea4587dacee

Headers

File Characteristics

Imports

kernel32

wininet

gdi32

Sections

.text Size: 108KB - Virtual size: 107KB

.data Size: 263KB - Virtual size: 262KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 108KB - Virtual size: 107KB

.data
Size: 263KB - Virtual size: 262KB

.rsrc
Size: 13KB - Virtual size: 12KB