c4aee34711c8f7cde7b1083cb5b5933f

Sharing

Copy URL Twitter E-mail

General

Target

c4aee34711c8f7cde7b1083cb5b5933f
Size

81KB
MD5

c4aee34711c8f7cde7b1083cb5b5933f
SHA1

4e477087f6240959941bfe5320d1d7a99d999f20
SHA256

eb0d06a0207fab77347a92c7926227ccc4e493bd073671762a93be6ad9ba454d
SHA512

e204efb94ae6f1ef88eb3f6edd3d3f774f999ba1e5c023377cf64f938a7813b4b0150efa37df4e35a1574d00213a5b0dab4e0ce7198a76b7555e1e5f1d805b85
SSDEEP

1536:O4o3aQx/qLeiiV5r4Lcs4i4MYcJko03rXoaZliD+Ic:Zo31CL7Y5cT4i4MYcJkoAXZeD+I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4aee34711c8f7cde7b1083cb5b5933f

Files

c4aee34711c8f7cde7b1083cb5b5933f
.exe windows:4 windows x86 arch:x86

9a3b4153d26709af88385f98e53898fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
GetShortPathNameA
MoveFileExA
GetSystemDirectoryA
RemoveDirectoryA
FindResourceA
WritePrivateProfileStringA
FreeLibrary
CreateProcessA
GetProcAddress
LoadLibraryA
LoadResource
LockResource
FindFirstFileA
FindClose
lstrcpyA
lstrcatA
GetCurrentDirectoryA
Sleep
CopyFileA
CreateDirectoryA
GetStartupInfoA
GetModuleHandleA
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CreateFileA
SetFilePointer
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
ReadFile
SetEndOfFile
GetWindowsDirectoryA
GetLastError
DeleteFileA
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
GetFileAttributesA
SetFileAttributesA
MoveFileA
ExitProcess
TerminateProcess
GetCurrentProcess
GetLocalTime
GetEnvironmentStringsW
VirtualAlloc
GetCommandLineA
GetVersion
CloseHandle
WriteFile
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
IsBadWritePtr
FlushFileBuffers
WideCharToMultiByte
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings

user32

EndDialog
SetWindowLongA
GetWindowLongA
DlgDirSelectExA
DialogBoxParamA
GetActiveWindow
GetDlgItemTextA
DlgDirListA
SetCursor
LoadCursorA
MessageBoxA
LoadIconA
SendMessageA
LoadStringA
CheckDlgButton
GetDlgItem
EnableWindow
SetDlgItemTextA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegEnumValueA
RegDeleteValueA

shell32

FindExecutableA
ShellExecuteA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a3b4153d26709af88385f98e53898fb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

version

Sections

.text Size: 39KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 31KB - Virtual size: 32KB

.text
Size: 39KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 31KB - Virtual size: 32KB