4fd8e1df70d7513e7f910913d0a1c8d2

Sharing

Copy URL Twitter E-mail

General

Target

4fd8e1df70d7513e7f910913d0a1c8d2
Size

197KB
MD5

4fd8e1df70d7513e7f910913d0a1c8d2
SHA1

df9f66d594c5d84772054b588d669718434230e3
SHA256

3b506b65e7bc5a08ab20865818c626996ba2e9c99c3536f74e34b351c8d07efb
SHA512

29cb8775793a5948f93b0cccac3af8502fa6d7138086d81bb29f506b654b0b2ac348618d284d28a596a2f7bc38beac284943f9299f0faa41dd5c5127dad832db
SSDEEP

3072:YwvqvPmVW4B7LTTDaWQfENW/e1OluiDbnWRElQzxS5AYQJ:zeQ5FDa6W/1luiDjxYI6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4fd8e1df70d7513e7f910913d0a1c8d2

Files

4fd8e1df70d7513e7f910913d0a1c8d2
.exe windows:5 windows x86 arch:x86

ce904b391dbe0cc904b5a6e9283544a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterWindowMessageA
GetMessageTime
TabbedTextOutW
LockWindowUpdate
DrawFocusRect
DrawEdge
DestroyMenu
ToUnicodeEx
GetWindowTextLengthW
CascadeWindows
SetCaretPos
WaitMessage
SetRect
CharToOemBuffA
InvertRect
ShowCaret
CreatePopupMenu
TrackPopupMenuEx
CreateWindowExW
LoadMenuA
GetAsyncKeyState
IsCharUpperA
RegisterClassW
DestroyCaret
CreateCaret
DrawAnimatedRects
OffsetRect
SetTimer
CreateDialogParamW
GetAltTabInfoW
DefDlgProcA
GetUserObjectInformationW
OpenIcon
CharLowerBuffW
CopyRect
BeginPaint
GetForegroundWindow
GetDlgItemTextA
IsRectEmpty
HideCaret
GetWindowTextW
DialogBoxIndirectParamA
DispatchMessageW
GetLastActivePopup
SetParent
SendMessageA
CopyImage
RegisterWindowMessageW
LoadBitmapA
ValidateRect
MapVirtualKeyW
ChildWindowFromPointEx
IsIconic
CharUpperW
CloseDesktop
GetClipCursor
GetKeyboardLayout
GetShellWindow
AllowSetForegroundWindow
GetClassNameW
GetSysColor
DrawTextExW
GetMenuCheckMarkDimensions
CreateAcceleratorTableW
GetMessageA
CharToOemA
SetSysColors
ReplyMessage
LoadStringW
SendDlgItemMessageW
LoadBitmapW
AttachThreadInput
FindWindowExA
SendDlgItemMessageA
LoadCursorA
LoadMenuW
OemToCharBuffA
GetDlgItem
RedrawWindow
GetFocus
DefDlgProcW
DestroyAcceleratorTable
GetParent
CreateCursor
PostMessageA
SetClassLongW
DefFrameProcA
SystemParametersInfoW
CharLowerW
GetSysColorBrush
CreateIconFromResource
IsWindowVisible
GetMessageW
GetIconInfo
DestroyCursor
IsChild
DrawIconEx
EnableScrollBar
SetMenuItemBitmaps
ScreenToClient
OpenDesktopW
IntersectRect
AdjustWindowRectEx
CheckRadioButton
GetClassInfoW
IsMenu
GetDC
LoadImageW
FindWindowExW
LoadCursorW
GetKeyboardLayoutNameW
ClipCursor
MessageBoxW
GetWindowLongW
MessageBoxExW
TileWindows
SwitchToThisWindow
CheckMenuRadioItem

gdi32

CreateDIBitmap
ScaleViewportExtEx
SetWindowExtEx
UnrealizeObject
CreatePen
SetViewportExtEx
SetMapMode
AddFontResourceW
GetPaletteEntries
GetBitmapBits
BitBlt
CreateICW
GetTextFaceW
SetTextAlign
RemoveFontResourceW
SetStretchBltMode
GetSystemPaletteEntries
EnumFontFamiliesExW
SaveDC
GetROP2
GetDeviceCaps
GetMapMode
RestoreDC
SetPixel
PolyBezier
GetTextExtentPoint32W
CreatePolygonRgn
GetClipBox
GetRgnBox
CreatePenIndirect
SetBitmapBits
CreateFontA
SetDIBColorTable
CreateHatchBrush
CreateCompatibleBitmap
OffsetRgn
EndPath
CreateBitmapIndirect
ExtFloodFill
ExtTextOutA
Rectangle
SetBkMode
RectInRegion
GetTextColor
SetAbortProc
CreateRectRgn
SelectObject

msvcrt

_controlfp
time
iswxdigit
puts
setvbuf
sprintf
__set_app_type
fread
remove
strtoul
wcstoul
isalnum
getc
__p__fmode
__p__commode
fflush
clearerr
_amsg_exit
_initterm
localtime
iswalpha
wcstombs
towlower
_acmdln
gets
islower
tolower
atoi
wcsncpy
exit
_ismbblead
wcschr
printf
_XcptFilter
iswctype
_exit
fclose
_cexit
__setusermatherr
fputs
wcstol
mktime
strspn
fseek
__getmainargs
free
swscanf
isspace

comctl32

ImageList_Draw
ImageList_Read
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_GetIconSize
DestroyPropertySheetPage

kernel32

VerSetConditionMask
IsValidLanguageGroup
SetFileAttributesW
GetLocaleInfoA
GetCommState
SetMailslotInfo
GetModuleFileNameA
GetModuleHandleW
GetModuleFileNameW
RemoveDirectoryA
lstrcmpiA
RegisterWaitForSingleObject
GetFileAttributesExW
UnlockFile
CreateFileMappingW
IsBadStringPtrW
CreateSemaphoreA
lstrcatA
VerifyVersionInfoW
GetStdHandle
ClearCommBreak
FindResourceExA
CancelIo
FileTimeToSystemTime
LoadLibraryA
TlsGetValue
FlushViewOfFile
TlsSetValue
HeapUnlock
HeapFree
CreateThread
IsDBCSLeadByte
lstrcpyA
GetModuleHandleA
SearchPathA
HeapLock
TerminateThread
GetOEMCP
GetFileTime
LoadLibraryExW
GetStringTypeExW
GlobalAddAtomA
CreateRemoteThread
GetCurrentThread
GlobalAddAtomW
LoadLibraryW
GetTimeFormatA
SetSystemTimeAdjustment
IsBadWritePtr
FindFirstFileW
GetTempPathW
GetWindowsDirectoryW
DeleteAtom

comdlg32

ReplaceTextW
CommDlgExtendedError
GetOpenFileNameA
PrintDlgExW
ChooseFontW

Exports

Exports

?RemoveTime@@YGPADM]A
?BitCounterArrayIdeDunAs@@YGKGE@Z
?CrtRectExA@@YGPAEPAM]A

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce904b391dbe0cc904b5a6e9283544a9

Headers

File Characteristics

Imports

user32

gdi32

msvcrt

comctl32

kernel32

comdlg32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 189KB

.rsrc Size: 169KB - Virtual size: 168KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 189KB

.rsrc
Size: 169KB - Virtual size: 168KB

.reloc
Size: 1KB - Virtual size: 1KB