b4ab5db45814ed10c102da716e85e675

General

Target

b4ab5db45814ed10c102da716e85e675
Size

94KB
MD5

b4ab5db45814ed10c102da716e85e675
SHA1

4453f46edea826e50c2880e542e12a6d5c7a9479
SHA256

83682960dcef075c2cb283cf08cbedd2d99ee8960d8b084b6fe135e653cde5da
SHA512

ae03b5be343d4975e56c6d0c01734a1eba36ecf9969423368b931f7f3fdc35efa29fcf081368ecc966d6b52109e70481a99673c00033f4b2bb87e4734432c2d0
SSDEEP

1536:ElgVyeyK5Ic0RUCzpOuSkZ7aB2x8R3D/javRjG6Wcc/E4:FVyeyK6c0blqkZ7aB2xA3D+vRjM/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4ab5db45814ed10c102da716e85e675

Files

b4ab5db45814ed10c102da716e85e675
.exe windows:5 windows x86 arch:x86

9c4e333112f96ab8ef07c9b575d14dcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\AtmuX\XrbIrqc\WJiofc\ggot.pdb

Imports

comctl32

ImageList_Remove
ImageList_GetIconSize
InitCommonControlsEx
ImageList_Destroy

gdi32

StretchBlt
GetStockObject
ScaleViewportExtEx
CreateRoundRectRgn
LineTo
SelectClipRgn
StretchDIBits

kernel32

EnterCriticalSection
CancelIo
OpenEventA
GlobalFindAtomW
lstrcmpiW
SetHandleInformation
HeapReAlloc
GetStartupInfoW
SetThreadPriority
WriteFile
GetModuleHandleW
IsValidLanguageGroup
GetProcAddress
WaitForMultipleObjects

user32

SetMenuDefaultItem
CharNextW
CopyRect
SetScrollInfo
MapWindowPoints
DrawMenuBar
CharToOemBuffA
CharNextExA
IsDialogMessageA
FindWindowA
SetFocus
GetMenuState
GetMessageExtraInfo

Exports

Exports

?krtlzfuxmezuwraAe@@YGNJE@Z
?GijaqcGajtawivd@@YGPAIFPAH@Z
?TqfcrFWmpvazPse@@YG_NGPAF@Z
?ESIpxTIhkqMsWfhuvjTd@@YGPAIPAJPAK@Z
?SqPgVuclrpQBmXuoUx@@YGJGPAH@Z
?DigLlctpzbkuiNdcgj@@YGXM@Z

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c4e333112f96ab8ef07c9b575d14dcb

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

kernel32

user32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 23KB

.crt Size: 10KB - Virtual size: 10KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 23KB

.crt
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 2KB - Virtual size: 1KB