4a8c96ddc630f1b564f110f7fb36e2773375d323852b4257ce2baedd9be56cd3

Sharing

Copy URL Twitter E-mail

General

Target

4a8c96ddc630f1b564f110f7fb36e2773375d323852b4257ce2baedd9be56cd3
Size

155KB
MD5

d8e1bf21acfa062ead4d5444bce01357
SHA1

40e77dddfd33eb34f6463689776df30297a27b33
SHA256

4a8c96ddc630f1b564f110f7fb36e2773375d323852b4257ce2baedd9be56cd3
SHA512

1ba1867f99405aa89eb15e9e57fc7de23faa9b2ccf1fd5d40f9e160539449ba1a4907abdeca56157249c42e839c6965be09bf4b6dd3ca30384ba6d33500e8554
SSDEEP

3072:fErP3RtNMcPX23KJvKTBf+5Xtyk54NhraJyMgg:fcxMc4KJvKTBm5EqJyMgg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a8c96ddc630f1b564f110f7fb36e2773375d323852b4257ce2baedd9be56cd3

Files

4a8c96ddc630f1b564f110f7fb36e2773375d323852b4257ce2baedd9be56cd3
.exe windows:5 windows x86 arch:x86

52c93d56b59f2cac64b1c7285b76568d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

kernel32

WriteConsoleW
GetConsoleOutputCP
CreateThread
ReadFile
SetFilePointer
WriteFile
FindClose
FindNextFileW
FindFirstFileW
WaitForSingleObject
FreeLibrary
GetProcAddress
LoadLibraryA
MoveFileExW
GetDiskFreeSpaceW
SetFileAttributesW
CopyFileW
GetModuleFileNameW
GetLastError
CreateDirectoryW
RemoveDirectoryW
DeleteFileW
CreateDirectoryA
CloseHandle
SetFileTime
CreateFileW
MoveFileW
GetFileSize
GetWindowsDirectoryW
GetTempPathW
GetExitCodeThread
ResumeThread
GetExitCodeProcess
CreateProcessW
GetVersion
FindFirstFileA
WideCharToMultiByte
CreateFileA
WriteConsoleA
FlushFileBuffers
GetProcessHeap
SetEndOfFile
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
SetHandleCount
GetFileType
GetModuleHandleW
Sleep
ExitProcess
GetFileAttributesW
RtlUnwind
MultiByteToWideChar
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
RaiseException
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle

user32

CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
LoadStringA
SetWindowTextA
GetDlgItemTextW
SetDlgItemTextW
MessageBoxW
DestroyWindow
LoadStringW
RegisterClassA
DefWindowProcA
PostQuitMessage
LoadImageA
LoadIconA
DrawIcon
EndDialog
GetDlgItem
MessageBoxA
ShowWindow
PostMessageA
SendMessageA
GetDC

shell32

ShellExecuteExW

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52c93d56b59f2cac64b1c7285b76568d

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

version

kernel32

user32

shell32

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 28KB - Virtual size: 28KB