b46848c32cc53a3a4cd0569ed2b6aab1

Sharing

Copy URL Twitter E-mail

General

Target

b46848c32cc53a3a4cd0569ed2b6aab1
Size

181KB
MD5

b46848c32cc53a3a4cd0569ed2b6aab1
SHA1

4183b55aece29acf0a936a07fa9f6a971ba07796
SHA256

94f8ca7df589553ccf24ed76b87995d61187c614e6e5bb9854ffd30efea8616b
SHA512

5e3fa735280964aa70d950fa159f949bbd811b5bb32358014e7e6e48302962c396540e1447bc4b9964e23aa68584972858b64a2056ee67adeb02e546ce8d1332
SSDEEP

3072:eNIIUnwUfJ92AXfzaoFuFE5nr08cCW1NrAmwrOqNZfJPL4iyS7w:eNI7wUfL2AXx11xcC6NcmwrfZfJ8iy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b46848c32cc53a3a4cd0569ed2b6aab1

Files

b46848c32cc53a3a4cd0569ed2b6aab1
.exe windows:5 windows x86 arch:x86

218a4701306086bb507ff01fd08b593e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\ndnGsfG\oprlmrsm\fmnr.pdb

Imports

ntdll

_aullrem

gdi32

SetROP2
CreatePatternBrush
TranslateCharsetInfo
RoundRect
EndDoc
CreateFontIndirectW

user32

GetSysColorBrush
GetScrollPos
OpenIcon
SendMessageW
GetWindow
LoadIconW
SwitchToThisWindow
DeleteMenu
ScrollWindowEx
GetPropW
SetScrollRange
DrawStateA

kernel32

lstrcmpiA
GetCommandLineA
LockFile
QueryDosDeviceW
GetCurrentDirectoryW
GetTempFileNameA
SetThreadAffinityMask
CallNamedPipeW
lstrlenW
GetModuleHandleW
GetSystemDirectoryW
FormatMessageW
FindResourceExW
GetProcAddress

comctl32

InitCommonControlsEx
ImageList_Read
ImageList_ReplaceIcon
ImageList_GetIcon

Exports

Exports

?dhzYxJx@@YGEPAFPAE@Z
?LXadnMaljwxtdwdvsndbd@@YGPAIPAI@Z
?wYvtrlfUqhnmglobwrue@@YGPA_NJPAM@Z
?CqdazNtq@@YGKJM@Z
?qpihhIldnyKgZhvJ@@YGXGH@Z
?kkiwbim@@YGPAXE@Z
?mqNgbkueDcknNsnCDsNi@@YGPAFM@Z

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

218a4701306086bb507ff01fd08b593e

Headers

File Characteristics

PDB Paths

Imports

ntdll

gdi32

user32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 25KB

.data Size: 142KB - Virtual size: 210KB

.edata Size: 1KB - Virtual size: 1KB

.crt Size: 3KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 25KB - Virtual size: 25KB

.data
Size: 142KB - Virtual size: 210KB

.edata
Size: 1KB - Virtual size: 1KB

.crt
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB