c4c67f9892d399f8e54871aad5277abb

General

Target

c4c67f9892d399f8e54871aad5277abb
Size

128KB
MD5

c4c67f9892d399f8e54871aad5277abb
SHA1

a32fa6b311e42c06aed672fc384e8f2032efe821
SHA256

84548282c4b0ad41d11dad438e53abe7fb0e55f25daa0144b867728de72ed95f
SHA512

f9e0b1d676862b6d2fbe8601965d35a2f321c909becfa0d22457177c4557c4f18477fb8512b96595d13853d80b8bb2c3abe5a19fa3b998945b9ab4d26c3223da
SSDEEP

3072:Ys7JOHK9ssHe/Cvt/5qW9axjQMIdfS8a:Sq9xYbxLI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4c67f9892d399f8e54871aad5277abb

Files

c4c67f9892d399f8e54871aad5277abb
.exe windows:4 windows x86 arch:x86

8a830691b313d9951517ee4cbfcdbfa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
HeapAlloc
DeleteFileA
GetProcessHeap
GetLocaleInfoA
lstrcatA
SetThreadLocale
GetLastError
GetFileSize
RaiseException
LocalReAlloc
ExitProcess
GetLocalTime
GetFileAttributesA
SetEndOfFile
MoveFileExA
GetFileType
HeapFree
SetLastError
GetThreadLocale
EnterCriticalSection
GetCPInfo
ExitThread
GetDiskFreeSpaceA
GetModuleHandleA
GetStringTypeA
CompareStringA
MulDiv
VirtualFree
GetACP
GetEnvironmentStrings
VirtualAllocEx
WideCharToMultiByte
lstrcpyA
FormatMessageA
LoadLibraryExA
CreateFileA
GetModuleFileNameA
GetFullPathNameA
SetErrorMode
LoadResource
CreateEventA
FreeResource
lstrcmpiA
LocalAlloc
CloseHandle
Sleep
lstrcmpA
GetProcAddress
GetOEMCP
SetHandleCount
ResetEvent
VirtualAlloc
GlobalFindAtomA
GlobalAlloc
GetVersionExA
GetTickCount
LoadLibraryA

user32

GetActiveWindow
PostQuitMessage
GetFocus
IsWindowEnabled
GetCursor
DefFrameProcA
SetMenuItemInfoA
GetWindow
BeginPaint
EqualRect
ShowWindow
GetTopWindow
CreatePopupMenu
DeleteMenu
IsIconic
GetScrollInfo

gdi32

BitBlt
SetPixel
SetBkColor
CreateFontIndirectA
CreatePalette
CreatePenIndirect
GetRgnBox
GetObjectA

comctl32

ImageList_GetBkColor
ImageList_Remove
ImageList_Create
ImageList_Draw
ImageList_Write
ImageList_DrawEx

Sections

CODE
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a830691b313d9951517ee4cbfcdbfa5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Sections

CODE Size: 33KB - Virtual size: 32KB

.rdata Size: 81KB - Virtual size: 80KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

CODE
Size: 33KB - Virtual size: 32KB

.rdata
Size: 81KB - Virtual size: 80KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB