c4ac6ac4d859fe779fecd6fad2afa6a3

General

Target

c4ac6ac4d859fe779fecd6fad2afa6a3
Size

46KB
MD5

c4ac6ac4d859fe779fecd6fad2afa6a3
SHA1

0bae105d23bd526e0c61b8ad014f2c7c59f60b52
SHA256

d29661725fc19e8ef0d16883641fdfd92f1efe356c7962237ec6826d57948feb
SHA512

17085973808ed96d97aa7c62919cee08a6eafbfef5b822aae6b098ee4f20085fa4f59b405974e89cd386b306235e81c1d4a32567d866127a9fe80c2c52723bde
SSDEEP

768:bmNMUdVcom91QjZ9op++KT54joQUsAOQDa/omPdnX+G7txmeCrSm1zIdNA5EUIMY:QtQRAjZ9op+14joOAOQGTGZOm1qNiEBE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4ac6ac4d859fe779fecd6fad2afa6a3

Files

c4ac6ac4d859fe779fecd6fad2afa6a3
.exe windows:5 windows x86 arch:x86

0e7a63f00a5fc18269a504df5b83e658

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardState
GetIconInfo
MsgWaitForMultipleObjects
EndDialog
OpenWindowStationA
CloseWindowStation
DispatchMessageW
FindWindowExW
CloseDesktop
GetDlgItemTextA
PeekMessageW
GetWindowTextW
GetClipboardData
CharLowerBuffA
PeekMessageA
LoadCursorW
GetMessageW
GetDlgItem
ToUnicode
GetClassNameW
SendMessageW
GetDlgItemTextW
GetCursorPos
GetMessageA
GetWindowLongW
GetWindowThreadProcessId
OpenDesktopA
GetForegroundWindow
ExitWindowsEx
DrawIcon
GetKeyState
SetProcessWindowStation
SetThreadDesktop

kernel32

GetVersionExW
GlobalLock
WideCharToMultiByte
HeapAlloc
GetFileSizeEx
CreateProcessW
CreateFileW
ReleaseMutex
GetFileTime
GetTempFileNameW
GetProcessTimes
WriteFile
GetSystemTimeAsFileTime
lstrcpyW
GetLastError
GetTickCount
FindResourceW
FindNextFileW
InitializeCriticalSection
lstrcmpiW
GetCommandLineA
GetSystemTime
CreateEventW
MoveFileExW
ExpandEnvironmentStringsW
GetTimeZoneInformation
GetModuleHandleA
SetFileTime
OpenMutexW
WriteProcessMemory
lstrcatA
CreateMutexW
GetTempPathW
GetModuleFileNameA
lstrcpyA
HeapFree
GetLogicalDrives
GetCurrentProcessId
GetExitCodeProcess
OpenProcess
SetFilePointer
ResetEvent
CopyFileW
GlobalUnlock
GetComputerNameW
CreateDirectoryW
lstrcpynW
UnmapViewOfFile
GetProcessHeap
GetModuleFileNameW
MapViewOfFile
CloseHandle
GetUserDefaultUILanguage
FlushFileBuffers
CreateThread
GetFileSize
MultiByteToWideChar

Sections

.qzop
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pqf
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rydez
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e7a63f00a5fc18269a504df5b83e658

Headers

File Characteristics

Imports

user32

kernel32

Sections

.qzop Size: 36KB - Virtual size: 56KB

.pqf Size: 2KB - Virtual size: 4KB

.rydez Size: 7KB - Virtual size: 76KB

.qzop
Size: 36KB - Virtual size: 56KB

.pqf
Size: 2KB - Virtual size: 4KB

.rydez
Size: 7KB - Virtual size: 76KB