c4500436c79c8622a9603836f65fc66a

Sharing

Copy URL Twitter E-mail

General

Target

c4500436c79c8622a9603836f65fc66a
Size

341KB
MD5

c4500436c79c8622a9603836f65fc66a
SHA1

1425c07c4fe68039511c60baecb8eed69e753e4f
SHA256

81cea62c41073c1891eb95f3ed6a6006e49e615eadd3b5d27821fccb05515b77
SHA512

412f8a3f1fac9c09d1ca81e77b6ef0bc49b625324c699062a4ee152396668edcd2634328c9f9042bcb962ea0a36ed6395055962aaf967d1d26b9b409b63ab349
SSDEEP

6144:4LaPY47kaFNl/gmcutT0BZKG3hFoK6e6wrnRgLOmcM24QiV:4HraFNxgmcQ0BZL7fnO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4500436c79c8622a9603836f65fc66a

Files

c4500436c79c8622a9603836f65fc66a
.exe windows:4 windows x86 arch:x86

20b876c4ac82708d99c6d45b396af47d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\arzzraxwgs\lszpes\negrzge\ysptkcc\tmzft\esdeoaeo.pdb

Imports

user32

ScrollDC
WinHelpW
GetMenuStringA
CreateDialogIndirectParamW
SwitchDesktop
RealChildWindowFromPoint
SetThreadDesktop
GetKeyboardLayoutNameA
RegisterClassExA
RegisterClassA
SetCapture
DdeClientTransaction
DdeGetLastError
PostMessageW

comdlg32

LoadAlterBitmap
ReplaceTextW
ChooseColorW

kernel32

GetWindowsDirectoryW
GetStringTypeA
CreateMutexA
GetStringTypeW
GetTimeZoneInformation
lstrlenW
GetACP
EnterCriticalSection
GetStdHandle
GetTimeFormatA
CompareStringW
ExitProcess
GetModuleFileNameW
GetSystemTimeAsFileTime
GetLocaleInfoA
LCMapStringW
HeapFree
TerminateProcess
IsDebuggerPresent
SetThreadPriority
Sleep
GetOEMCP
SetFileAttributesW
InterlockedDecrement
GetLastError
InterlockedIncrement
LCMapStringA
VirtualAlloc
QueryPerformanceCounter
GetTickCount
HeapDestroy
WritePrivateProfileStructW
SetUnhandledExceptionFilter
CloseHandle
GetConsoleOutputCP
GetConsoleCP
DebugBreak
GetCurrentProcess
HeapReAlloc
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
TlsGetValue
DeleteCriticalSection
GetStartupInfoA
WriteProfileStringW
WriteConsoleW
CommConfigDialogA
LoadModule
GetCurrentThreadId
OpenSemaphoreA
GetProcAddress
GetLocaleInfoW
EnumSystemLocalesA
WideCharToMultiByte
CompareFileTime
SetConsoleCtrlHandler
WriteFile
LoadLibraryA
CompareStringA
MultiByteToWideChar
GetUserDefaultLCID
TlsAlloc
FlushFileBuffers
SetLastError
SetHandleCount
GetCurrentThread
GetFileType
OpenMutexA
IsValidCodePage
SetStdHandle
LeaveCriticalSection
HeapSize
ReadFile
VirtualQuery
TlsFree
WriteConsoleA
IsValidLocale
GetSystemDefaultLangID
FindFirstFileA
UnhandledExceptionFilter
InterlockedExchange
GetModuleHandleA
SetEnvironmentVariableA
FreeLibrary
GetModuleHandleW
RtlZeroMemory
GetCPInfo
PulseEvent
GetCurrentProcessId
RtlUnwind
GetCommandLineW
GetCommandLineA
CreateFileA
HeapAlloc
TlsSetValue
GetEnvironmentStringsW
GetConsoleMode
VirtualFree
GetDateFormatA
GetModuleFileNameA
GetCompressedFileSizeA
HeapCreate
SetFilePointer
FreeEnvironmentStringsW

wininet

FindNextUrlCacheEntryExA
FreeUrlCacheSpaceW
FindNextUrlCacheContainerA
InternetCrackUrlA
InternetTimeFromSystemTimeW
InternetCreateUrlW
DeleteUrlCacheEntryW

comctl32

CreateMappedBitmap
ImageList_LoadImage
ImageList_Destroy
ImageList_GetIconSize
ImageList_GetImageCount
CreateStatusWindowA
ImageList_GetIcon
_TrackMouseEvent
ImageList_Draw
DestroyPropertySheetPage
DrawInsert
ImageList_Copy
ImageList_LoadImageW
ImageList_Create
InitCommonControlsEx
CreateToolbar

advapi32

CryptEnumProvidersW
CryptGetKeyParam
RegConnectRegistryA
CryptSetProviderExA
GetUserNameW
RegSaveKeyA
AbortSystemShutdownA
CryptGetProvParam
InitiateSystemShutdownA
LookupAccountSidA
RegSetValueExW
LookupAccountSidW
CryptContextAddRef
RegOpenKeyExW
CryptCreateHash
RegSetValueA
RegCreateKeyA
CryptSignHashA

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20b876c4ac82708d99c6d45b396af47d

Headers

File Characteristics

PDB Paths

Imports

user32

comdlg32

kernel32

wininet

comctl32

advapi32

Sections

.text Size: 179KB - Virtual size: 179KB

.rdata Size: 28KB - Virtual size: 57KB

.data Size: 89KB - Virtual size: 88KB

.rsrc Size: 43KB - Virtual size: 42KB

.text
Size: 179KB - Virtual size: 179KB

.rdata
Size: 28KB - Virtual size: 57KB

.data
Size: 89KB - Virtual size: 88KB

.rsrc
Size: 43KB - Virtual size: 42KB