c4a6a667d280bf58172d70b5cc2ab283

Sharing

Copy URL

Twitter E-mail

General

Target

c4a6a667d280bf58172d70b5cc2ab283
Size

104KB
MD5

c4a6a667d280bf58172d70b5cc2ab283
SHA1

591be136c30f6141ca137fb5259fc0d1e1e8c956
SHA256

6fdf71cc2e23c89add7da89bd3960d20f65ab166d5d3facdb739bde5950d3df2
SHA512

2e2dc85a4c4e6a61a1d666d23d1aec9244725e83a25d960fc641acf65e8ce2e51402791bc2af74c697472b1a3f852e371a0a4de955013d04dc90c3d04355705b
SSDEEP

1536:S6HGhwSsky22UJ826eeJo5FRfW5RWTiXJ3j++PObZJTA5:S6HGhGkckeJoFfYWTiXJ3i+AZJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4a6a667d280bf58172d70b5cc2ab283

Files

c4a6a667d280bf58172d70b5cc2ab283
.exe windows:4 windows x86 arch:x86

7ecf453094136285d8d10465f2165610

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strrchr
memcmp
strcpy
memset
__CxxFrameHandler
??2@YAPAXI@Z
sprintf
strstr
srand
time
_access
free
malloc
rand
strlen
strncpy
atol
rename
strcmp
strcat
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
??1type_info@@UAE@XZ
_stricmp
_strcmpi
_ltoa
_rmdir
_chmod
_strupr
_strlwr
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
memchr
memmove
??3@YAXPAX@Z
strchr
sscanf
memcpy
strcspn
atoi
_chdrive
_chdir
_strnicmp

kernel32

LockResource
FreeResource
GetTempFileNameA
TerminateProcess
GetModuleHandleA
lstrcpyA
WideCharToMultiByte
lstrlenW
Sleep
lstrlenA
LoadResource
lstrcpynA
IsDebuggerPresent
FreeLibrary
LoadLibraryA
ResetEvent
WaitForSingleObject
SetEvent
CreateEventA
CloseHandle
ReadFile
CreateFileA
DeleteFileA
lstrcatA
GetTempPathA
GetSystemDirectoryA
GetTickCount
GetModuleFileNameA
GetLastError
WriteFile
SetFilePointer
GetFileSize
CopyFileA
RemoveDirectoryA
lstrcmpiA
CreateProcessA
OpenProcess
GetCurrentProcessId
GetLocalTime
GetStartupInfoA
GetCurrentProcess
CreateDirectoryA
MultiByteToWideChar
FormatMessageA
SizeofResource
FindResourceA
GetProcAddress
LocalFree
GetVersionExA
LocalAlloc
InterlockedExchange
InterlockedDecrement
RaiseException

user32

GetClientRect
SetForegroundWindow
CreateWindowExA
DestroyWindow
RegisterClassExA
LoadCursorA
DefWindowProcA
GetSystemMetrics
PostQuitMessage
PeekMessageA
SetWindowPos
SendMessageA
FindWindowExA
IsWindow
SetTimer
KillTimer
GetMessageA
LoadStringA
TranslateMessage
DispatchMessageA
CharLowerA
FindWindowA
GetDlgItem
IsWindowVisible
GetDlgItemTextA
SetDlgItemTextA
BeginPaint
DrawTextA
GetDesktopWindow
FlashWindow
GetWindowThreadProcessId
ReleaseDC
GetDC
EndPaint
DialogBoxParamA
EndDialog
CharUpperA
GetActiveWindow
MessageBoxA
PostMessageA
LoadIconA
ShowWindow
MoveWindow

gdi32

GetDeviceCaps
CreateSolidBrush
SetTextColor
CreateFontA
Rectangle
SelectObject
SetBkColor

advapi32

AdjustTokenPrivileges
RegDeleteKeyA
RegCreateKeyExA
CryptDecrypt
CryptAcquireContextA
CryptDestroyKey
CryptDestroyHash
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptEncrypt
CryptReleaseContext
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegConnectRegistryA
RegOpenKeyExA

shell32

ShellExecuteA
Shell_NotifyIconA

urlmon

URLDownloadToCacheFileA
URLDownloadToFileA

wininet

InternetOpenA
InternetReadFile
InternetCrackUrlA
InternetCloseHandle
InternetGetConnectedState
InternetOpenUrlA

ole32

OleRun
CoUninitialize
CoInitialize
CLSIDFromString
CoCreateInstance
CoInitializeEx

oleaut32

SysAllocString
GetErrorInfo
SysFreeString
VariantInit
SysStringLen
VariantCopy
VariantClear
VariantChangeType

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7ecf453094136285d8d10465f2165610

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

shell32

urlmon

wininet

ole32

oleaut32

version

Sections

.text Size: 88KB - Virtual size: 88KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 88KB - Virtual size: 88KB

.rsrc
Size: 12KB - Virtual size: 12KB