c4a3f284efd8c8e28d4af70ab39e7ede

Sharing

Copy URL Twitter E-mail

General

Target

c4a3f284efd8c8e28d4af70ab39e7ede
Size

617KB
MD5

c4a3f284efd8c8e28d4af70ab39e7ede
SHA1

60f745b141f0acfda281439b2615adf3104b0d33
SHA256

9df28e611776d93ec1452cf6016d90ca4140f3421bf0dc82f1c940a524f079ea
SHA512

56cfb9298ec22986333bc6d98f07303a61a438e62c89839de0548928e3f054b93fe07ac4b7cc9f9a8fd0ad3e2a7696d2e0960a4104a23cde966f6ad93f09b40a
SSDEEP

12288:sBXEXw86N245XTVe70gwxr8YMAqcAohxsOiehh2VQM+WStvBGaJLpNTA0SLnLR:qb8qKThyhxsxereQThnpJLpNTKL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4a3f284efd8c8e28d4af70ab39e7ede

Files

c4a3f284efd8c8e28d4af70ab39e7ede
.exe windows:4 windows x86 arch:x86

89e398124cfa57498e7e51aeecb25f07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LogonUserW
LookupSecurityDescriptorPartsW
CryptEncrypt
CryptDestroyHash
GetUserNameW
RegSaveKeyA
RegQueryMultipleValuesA
RegQueryInfoKeyW
RegLoadKeyW
RegQueryValueW

kernel32

SetUnhandledExceptionFilter
GetOEMCP
FlushFileBuffers
GetStringTypeW
HeapValidate
GetTickCount
SetCriticalSectionSpinCount
SetStdHandle
GetProcessHeap
GetEnvironmentStringsW
LeaveCriticalSection
WriteFile
InterlockedDecrement
CompareStringA
UnlockFileEx
GetEnvironmentStrings
IsValidLocale
MoveFileW
LCMapStringA
LCMapStringW
InterlockedIncrement
VirtualQuery
CloseHandle
GetLastError
RtlUnwind
GetLocaleInfoA
GetCommandLineA
CreateFileA
GetWindowsDirectoryA
ExitProcess
GetCurrencyFormatW
HeapReAlloc
GetTimeZoneInformation
TlsFree
HeapFree
TlsGetValue
GetUserDefaultLCID
EnterCriticalSection
SetComputerNameA
GetConsoleOutputCP
FreeLibrary
GetDateFormatA
OutputDebugStringA
SetHandleCount
ReleaseSemaphore
GetConsoleCP
GetModuleFileNameW
VirtualAlloc
EnumSystemLocalesA
IsBadReadPtr
GetStartupInfoA
HeapDestroy
GetEnvironmentVariableW
GetModuleHandleA
TlsAlloc
GetCPInfo
WaitNamedPipeW
WaitForSingleObjectEx
GetStringTypeA
SetConsoleCtrlHandler
GetStartupInfoW
lstrlenA
GetCurrentDirectoryA
HeapAlloc
GetCurrentProcessId
SetEnvironmentVariableA
TlsSetValue
GetCurrentThread
OutputDebugStringW
GetSystemTimeAdjustment
UnhandledExceptionFilter
HeapCreate
MultiByteToWideChar
IsValidCodePage
DebugBreak
FreeEnvironmentStringsA
WriteConsoleA
VirtualFree
QueryPerformanceCounter
GetModuleFileNameA
SetFilePointer
GetACP
FindResourceW
LoadLibraryW
DeleteAtom
CreateThread
WaitForSingleObject
GetSystemTimeAsFileTime
GetProcAddress
GetVersionExA
SetLocalTime
GetLocaleInfoW
GetCommandLineW
GetCurrentProcess
CompareStringW
InitializeCriticalSection
TerminateProcess
InterlockedExchange
GetCurrentThreadId
GetTimeFormatA
LoadLibraryA
GetProfileSectionA
RaiseException
FreeEnvironmentStringsW
DeleteCriticalSection
GetFileType
GetVolumeInformationW
WideCharToMultiByte
IsDebuggerPresent
SetLastError
WriteConsoleW
GetConsoleMode
GetStdHandle
FindResourceExW

gdi32

SetMapMode
SetTextColor
LPtoDP
GetBoundsRect
CreateRectRgnIndirect
ArcTo
Ellipse
DPtoLP
GetDeviceGammaRamp
EndPage
GetCurrentObject
CreateCompatibleDC
SetWindowOrgEx
GetTextAlign
GetEnhMetaFileDescriptionA
SetBitmapBits

shell32

SHAddToRecentDocs
SHGetFileInfoA
ShellAboutA
RealShellExecuteA

Sections

.text
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89e398124cfa57498e7e51aeecb25f07

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

shell32

Sections

.text Size: 281KB - Virtual size: 280KB

.rdata Size: 43KB - Virtual size: 74KB

.data Size: 287KB - Virtual size: 287KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 281KB - Virtual size: 280KB

.rdata
Size: 43KB - Virtual size: 74KB

.data
Size: 287KB - Virtual size: 287KB

.rsrc
Size: 4KB - Virtual size: 4KB