4fd1d1583db4ddcc7bb02ce7979a10ed

Sharing

Copy URL

Twitter E-mail

General

Target

4fd1d1583db4ddcc7bb02ce7979a10ed
Size

388KB
MD5

4fd1d1583db4ddcc7bb02ce7979a10ed
SHA1

6cea166a0402f20063287cbed1140fa8452f75a2
SHA256

72125dfc7f6c4bec6207a316f05712922c038f9ac5702a85b1d84613e46cf0f0
SHA512

05f4d795387211d97f90b70d47ac4f85c1a6e6905a68186f615090b56143bca6afdeb973e99bd080ef2c74630702f21185b07a5e8a43b1930a20389240c04ab1
SSDEEP

6144:kLcUhoKF4imINAQYx/SytcZE5pgMOG5i+ryAhLDqd7YTlwNMo0HajkLqDyxFh1hm:Ny1F4AyQYNYS5vtLoYW/07WDKh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4fd1d1583db4ddcc7bb02ce7979a10ed

Files

4fd1d1583db4ddcc7bb02ce7979a10ed
.exe windows:4 windows x86 arch:x86

b8c6bedd4e0d2f5e2586e61b1a2c8161

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
IsBadWritePtr
GetThreadContext
SetEndOfFile
ExitThread
VirtualProtect
AreFileApisANSI
UnhandledExceptionFilter
PurgeComm
lstrcmpiA
FindNextChangeNotification
SetConsoleActiveScreenBuffer
ConnectNamedPipe
CreateNamedPipeW
ExitProcess
AllocConsole
GlobalReAlloc
CreateIoCompletionPort
_lread
GetWindowsDirectoryA
SetFileTime
PrepareTape
FindCloseChangeNotification
WritePrivateProfileSectionA
EnumResourceLanguagesW
CreateWaitableTimerA
GetStringTypeExW
GetFileInformationByHandle
GetCurrentDirectoryW
ReadConsoleOutputA
GetModuleHandleA
ReadDirectoryChangesW
GetLongPathNameA
WritePrivateProfileStructA
FlushConsoleInputBuffer
DuplicateHandle
GetCommandLineA
GetVersionExA
LoadLibraryExA

user32

GetUpdateRect
SwitchToThisWindow
GetWindowTextA
GetClientRect
ChangeMenuW
DialogBoxParamW
SetCursor
DestroyCaret
EnableWindow
SetWindowWord
DispatchMessageW
CreateIconFromResource
CreateIconIndirect
CreateDialogParamW
SetRect
ArrangeIconicWindows
CreateDialogIndirectParamW
ShowCursor
SendMessageA
SetWindowTextW
CreateWindowExA
DrawCaption
GetWindowTextLengthW
GetInputState
UnregisterDeviceNotification
MapWindowPoints
GetWindowRgn
MonitorFromWindow
OffsetRect
SetProcessWindowStation
DestroyAcceleratorTable
TranslateMessage
GetWindowRect
GetDesktopWindow
FindWindowA
ChildWindowFromPoint
IsIconic
CreatePopupMenu
FlashWindow
GetClassInfoA
UnhookWindowsHook
CreateMenu
LoadBitmapA
CallWindowProcW
PeekMessageA
CharLowerA
RegisterWindowMessageA
TileWindows
IsWindowEnabled

gdi32

EndPath
GetClipRgn
SetDIBits
EnumEnhMetaFile
AbortDoc
ExtCreateRegion
GetTextExtentPoint32A
AddFontResourceW
RemoveFontResourceW
GetBkColor
RestoreDC
SetTextCharacterExtra
CreateHatchBrush
SetTextJustification
GetCharWidth32W

comdlg32

PageSetupDlgW
GetSaveFileNameW

advapi32

InitiateSystemShutdownW
StartServiceA
RegDeleteValueA
LookupAccountNameW
SetServiceStatus
CloseServiceHandle
CryptDeriveKey
SetTokenInformation
RegConnectRegistryA
RegSetValueExA
RegisterServiceCtrlHandlerW
RegFlushKey
GetTokenInformation
CryptGetHashParam

shell32

DragFinish
FindExecutableW
FindExecutableA
DragAcceptFiles
SHLoadInProc

ole32

CoGetObject
CoSwitchCallContext
ProgIDFromCLSID
CoGetInterfaceAndReleaseStream

oleaut32

SysAllocStringLen
SafeArrayPutElement
SafeArrayRedim
SafeArrayCreate

comctl32

ImageList_SetIconSize

shlwapi

SHOpenRegStream2W
StrTrimA
PathSkipRootW
PathGetCharTypeA
SHCreateStreamOnFileW
AssocQueryStringW
StrCmpIW
PathCompactPathExW
PathIsUNCW
PathIsDirectoryEmptyW
PathCanonicalizeA

Sections

.text
Size: 332KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b8c6bedd4e0d2f5e2586e61b1a2c8161

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 332KB - Virtual size: 329KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 44KB - Virtual size: 42KB

.text
Size: 332KB - Virtual size: 329KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 44KB - Virtual size: 42KB