4fbf5cc30976908186bdb87d47c530fa

Sharing

Copy URL Twitter E-mail

General

Target

4fbf5cc30976908186bdb87d47c530fa
Size

606KB
MD5

4fbf5cc30976908186bdb87d47c530fa
SHA1

a92608d49c4e8e3c518e284ae1bd3a90b1c6e293
SHA256

49911a7e31a60f4c07f801ed0c494bffae25a65729c65df5238d87648d481846
SHA512

99e2a6b8e9cb2ac902490fc85ee47e623e0cef341cd061074ebb370475d77b33bc73b63be6767a4081b215c151d7063fab232636888d581538c50a26ac86dbc8
SSDEEP

12288:aDu2Hgo3+4S1eHszGn/TwB7TK4K/qOo2MhsGa/bwY/F:wHD3gIMzGnk7TK4K/qOoZpaz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4fbf5cc30976908186bdb87d47c530fa

Files

4fbf5cc30976908186bdb87d47c530fa
.exe windows:4 windows x86 arch:x86

95cb7ecdc15566882494b590403bd2ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
MultiByteToWideChar
HeapCreate
FreeLibrary
IsValidCodePage
RtlUnwind
GetCurrentThreadId
GetCurrentProcess
GetStringTypeA
EnumSystemLocalesA
IsDebuggerPresent
HeapAlloc
ExitProcess
InterlockedIncrement
DebugBreak
GetEnvironmentStringsW
SetLastError
RaiseException
FindResourceW
VirtualAlloc
FreeEnvironmentStringsW
EnumDateFormatsExW
GetModuleFileNameW
SetFilePointer
FlushFileBuffers
TlsSetValue
VirtualQuery
TlsFree
WriteConsoleW
GetStdHandle
CreateFileA
LCMapStringA
GetFileType
HeapReAlloc
LeaveCriticalSection
GetProcAddress
InterlockedExchange
GetEnvironmentStrings
VirtualFree
GetConsoleMode
SetConsoleCtrlHandler
GetTickCount
HeapFree
GetConsoleOutputCP
SetEnvironmentVariableA
TerminateProcess
UnhandledExceptionFilter
GetStringTypeW
GetCPInfo
CompareStringW
IsBadReadPtr
GetOEMCP
HeapDestroy
CreateMutexA
GetModuleHandleA
InterlockedDecrement
FreeEnvironmentStringsA
EnterCriticalSection
GetLocaleInfoW
SetStdHandle
GetTimeZoneInformation
InitializeCriticalSection
GetSystemTimeAsFileTime
DeleteCriticalSection
WideCharToMultiByte
LoadLibraryW
lstrlenA
OutputDebugStringW
WriteFile
CloseHandle
GetConsoleCP
CompareStringA
GlobalUnlock
QueryPerformanceCounter
WriteConsoleA
GetUserDefaultLCID
lstrcpyn
LCMapStringW
GetACP
GetLastError
ReadFile
GetModuleFileNameA
SetHandleCount
TlsAlloc
OpenMutexA
GetCurrentProcessId
GetStartupInfoA
GetDateFormatA
GetLocaleInfoA
TlsGetValue
GetVersionExA
GetProcessHeap
HeapValidate
GetCommandLineA
GetTimeFormatA
CommConfigDialogA
OutputDebugStringA
GetCurrentThread
IsValidLocale
LoadLibraryA

comctl32

ImageList_SetIconSize
CreatePropertySheetPageW
ImageList_DrawIndirect
CreateStatusWindowA
ImageList_SetBkColor
InitCommonControlsEx
ImageList_Add
ImageList_EndDrag

user32

ShowWindow
VkKeyScanExA
ToUnicodeEx
MonitorFromRect
CreateWindowExA
GetKBCodePage
GetDC
MessageBoxW
SetDoubleClickTime
CloseClipboard
DestroyWindow
NotifyWinEvent
ModifyMenuW
RegisterClassExA
DispatchMessageA
GetCaretPos
DefWindowProcA
CheckRadioButton
RegisterClassA

advapi32

CryptAcquireContextW
CryptGetProvParam
RegSaveKeyA
RevertToSelf
LookupPrivilegeDisplayNameA
RegRestoreKeyA
LookupAccountSidA
RegEnumValueA
CreateServiceW
RegEnumKeyA
ReportEventW
CryptDuplicateKey
LookupPrivilegeValueW
RegDeleteKeyA
RegSetValueA
CryptGenKey
RegSetValueW
RegFlushKey
RegQueryValueExW
RegQueryValueExA
CryptEncrypt
CryptSetKeyParam

wininet

InternetConnectW
SetUrlCacheEntryGroupW
FtpGetFileEx
SetUrlCacheEntryGroupA
CreateUrlCacheEntryA
FindFirstUrlCacheGroup

gdi32

EnumMetaFile
EnumFontFamiliesExW
CreateRectRgn
DeviceCapabilitiesExA
WidenPath
CreateDiscardableBitmap
GetTextMetricsA
CopyMetaFileA
PtInRegion
SetMetaRgn
PlayEnhMetaFile
Escape
CreatePenIndirect

Sections

.text
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95cb7ecdc15566882494b590403bd2ac

Headers

File Characteristics

Imports

kernel32

comctl32

user32

advapi32

wininet

gdi32

Sections

.text Size: 280KB - Virtual size: 280KB

.rdata Size: 147KB - Virtual size: 160KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 78KB - Virtual size: 78KB

.text
Size: 280KB - Virtual size: 280KB

.rdata
Size: 147KB - Virtual size: 160KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 78KB - Virtual size: 78KB