b4a6a68742d28afff3ede3a99ce397d7

Sharing

Copy URL Twitter E-mail

General

Target

b4a6a68742d28afff3ede3a99ce397d7
Size

180KB
MD5

b4a6a68742d28afff3ede3a99ce397d7
SHA1

f039b458d39bd52f9bf2ea1391a41b6560d5be91
SHA256

5aff31bfa9feb926974c36920d875c8b38bf8993958bc259e18fb1c9455297e7
SHA512

78126053758bb2e78b60414ff39a350651f3820741ecd6f22317ed9c750d0473d873dee9b88fada688c0a14a8dd00041388c4928c5021f2343743be3cec1c800
SSDEEP

3072:Oyavlss2IaAK+VF61fqhEKKxE1VLNYgDCyIMFCoho/Bqxa:bsLaAKOF9EKKxEfig3Ib0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4a6a68742d28afff3ede3a99ce397d7

Files

b4a6a68742d28afff3ede3a99ce397d7
.exe windows:4 windows x86 arch:x86

d361359cd55f2a74249a4188e32795a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_Destroy
ImageList_DrawEx
ImageList_Create

advapi32

RegEnumKeyA
RegQueryValueExA

comdlg32

GetSaveFileNameA
ChooseColorA
GetOpenFileNameA
ChooseColorA
FindTextA
GetFileTitleA
GetOpenFileNameA

ole32

CLSIDFromString
CoCreateInstanceEx
OleCreateStaticFromData
CoReleaseMarshalData
CoRegisterClassObject
OleRegGetUserType
CoFreeUnusedLibraries
CoTaskMemFree
OleRun

version

GetFileVersionInfoSizeA
VerQueryValueA
VerInstallFileA

gdi32

CreateCompatibleDC
CreateDIBitmap
GetPaletteEntries
SetBkColor

oleaut32

SysAllocStringLen
SysFreeString
SysStringLen
VariantChangeType

kernel32

VirtualFree
GetCommandLineW
GetVersionExA
VirtualQuery
ExitThread
VirtualAlloc
lstrlenW
GetACP
GetLastError
IsBadReadPtr
GetModuleHandleA
GetProcAddress
GetModuleHandleW
WriteFile
WaitForSingleObject
LoadLibraryExA
VirtualAllocEx
lstrlenA
ExitProcess
lstrcpyA
WideCharToMultiByte

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconA
SHGetDiskFreeSpaceA
SHFileOperationA

shlwapi

PathIsContentTypeA
PathFileExistsA
PathGetCharTypeA
SHEnumValueA
SHDeleteKeyA
SHSetValueA
SHStrDupA

msvcrt

wcschr
atol

user32

CreateIcon
MapWindowPoints
MapVirtualKeyA

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 281B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d361359cd55f2a74249a4188e32795a1

Headers

File Characteristics

Imports

comctl32

advapi32

comdlg32

ole32

version

gdi32

oleaut32

kernel32

shell32

shlwapi

msvcrt

user32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 1KB

.adata Size: 4KB - Virtual size: 281B

DATA Size: 72KB - Virtual size: 68KB

.bdata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 772B

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 1KB

.adata
Size: 4KB - Virtual size: 281B

DATA
Size: 72KB - Virtual size: 68KB

.bdata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 772B