b4489efac5878ccaf377e63255269bac

Sharing

Copy URL Twitter E-mail

General

Target

b4489efac5878ccaf377e63255269bac
Size

169KB
MD5

b4489efac5878ccaf377e63255269bac
SHA1

707460a4707ae198a66d8a3287a13a44696ecc22
SHA256

73fe1054f649c5c0bf87dd5a538cf0f14ad15f6e62b535f092ba02f06378dab4
SHA512

bcb16559237d3582cf00ec1295ee2f1256c2f44c16bfdda1064d45f2662927a1e4a83bc989e173568e7a19381404ecdc47ad2764f28e60197061af7903f97624
SSDEEP

3072:YBGXogWdOGMPhHqeRhOEfAmCuli3yzpG1hxxDghg2dOTQLM5EEC8O7r8JR:Y1gkMPYeRFImDfshzDw7OT15EHs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4489efac5878ccaf377e63255269bac

Files

b4489efac5878ccaf377e63255269bac
.exe windows:4 windows x86 arch:x86

d4f075b4c467f5c29deaad8a2e1d0d88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowTextA
EnableMenuItem
GetLastActivePopup
EndDeferWindowPos
GetParent
GetSysColorBrush
GetPropA
EnumThreadWindows
BeginPaint
IsMenu
DrawEdge
EnableWindow
DrawIconEx
IsChild
GetClassInfoA
EnumChildWindows
GetCapture
SetTimer
GetMenuState
ClientToScreen
GetActiveWindow
EndPaint
FrameRect
ShowWindow
DispatchMessageW
IsWindowVisible
HideCaret
GetClipboardData
EqualRect
DefWindowProcA
GetClientRect
CharNextA
DrawTextA
CharLowerA
DefFrameProcA

advapi32

RegLoadKeyA
RegQueryValueExA
RegQueryValueA
RegCreateKeyA

ntdll

wcscat
NtWaitForSingleObject
RtlDeleteCriticalSection
atoi

msvcrt

wcsncmp
mbstowcs
tolower
atol
memmove
wcscspn
sqrt
malloc
wcstol
_acmdln
clock
srand
memcpy
swprintf

kernel32

GetStringTypeW
HeapFree
GetLocaleInfoA
ResetEvent
CreateEventA
GetCommandLineA
GetStartupInfoA
GetThreadLocale
SizeofResource
GetProcAddress
lstrcpynA
ReadFile
SetFilePointer
Sleep
LoadLibraryA
GetFileType
VirtualAlloc
lstrcmpA
GetEnvironmentStrings
lstrcatA
GetFullPathNameA
EnumCalendarInfoA
CompareStringA
lstrcpyA
SetEvent
GlobalAlloc
FreeLibrary
WriteFile
VirtualFree
GetVersion
GetUserDefaultLCID
ExitThread
GetVersionExA
LocalFree
CreateFileA
GetCurrentThread
LocalAlloc
GlobalFindAtomA
GetCPInfo
WideCharToMultiByte
GetFileSize
GetOEMCP
SetThreadLocale
SetLastError
FindClose
GetDiskFreeSpaceA
CloseHandle
InitializeCriticalSection
MulDiv
GetDateFormatA
lstrlenA
VirtualAllocEx
GlobalDeleteAtom
SetHandleCount
GetProcessHeap
GetACP
MoveFileA
DeleteFileA
GetModuleFileNameA
GetStringTypeA
RaiseException
GetFileAttributesA
HeapAlloc
GetCurrentThreadId
EnterCriticalSection
FormatMessageA
ExitProcess
LocalReAlloc
SetErrorMode
GetModuleHandleA

Sections

4
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

0
Size: 117KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.8
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

5
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4f075b4c467f5c29deaad8a2e1d0d88

Headers

File Characteristics

Imports

user32

advapi32

ntdll

msvcrt

kernel32

Sections

4 Size: 38KB - Virtual size: 38KB

0 Size: 117KB - Virtual size: 184KB

.8 Size: 9KB - Virtual size: 8KB

5 Size: 1KB - Virtual size: 1KB

1 Size: 2KB - Virtual size: 1KB

4
Size: 38KB - Virtual size: 38KB

0
Size: 117KB - Virtual size: 184KB

.8
Size: 9KB - Virtual size: 8KB

5
Size: 1KB - Virtual size: 1KB

1
Size: 2KB - Virtual size: 1KB