c4d21cec87a65dba489b033e1846c41b

Sharing

Copy URL Twitter E-mail

General

Target

c4d21cec87a65dba489b033e1846c41b
Size

608KB
MD5

c4d21cec87a65dba489b033e1846c41b
SHA1

3b67fd8d1e7756cb3f11a1cd74fa55c8c84d9867
SHA256

fd80e7d9f830fac715c1652772430a2e36c445ea1862019acd809690f85ac48a
SHA512

d2bd767d745283b5553c883bc1103b48087e81fe463330bc1070d273d5a526333bf16069787226ae0ccbce0d8c287bff19f3e4be3e8c8b348794687fa783ddb5
SSDEEP

12288:OmHfnjMY7GUkRXUzbbBTQEsbRlKl1o9mgrjFjGQmDF9:OmvjMdRXUzNQLX2m93rjVFm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4d21cec87a65dba489b033e1846c41b

Files

c4d21cec87a65dba489b033e1846c41b
.exe windows:4 windows x86 arch:x86

e379f9376daf63ce1c18472fc7dff606

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetScrollInfo
CharToOemW
IntersectRect
OemKeyScan
GetPriorityClipboardFormat
SetClipboardData
BeginDeferWindowPos
LoadCursorFromFileW
wvsprintfA
LoadBitmapW
EndTask
SetMessageExtraInfo
DestroyWindow
CharLowerBuffA
BeginPaint
DefWindowProcW
SwitchToThisWindow
SetClipboardViewer
OffsetRect
DdeKeepStringHandle
GetClipboardData
MenuItemFromPoint
SetMenuItemInfoW
MoveWindow
GetMessageW
GetDlgItemTextA
LoadMenuA
CreateDialogIndirectParamW
ExcludeUpdateRgn
ChangeClipboardChain
DrawTextExA
GetClassNameW
MessageBoxW
SubtractRect
NotifyWinEvent
ShowWindow
SetParent
EnumDisplaySettingsExW
GetNextDlgGroupItem
SetMenuDefaultItem
SwapMouseButton
EnumDesktopsW
CharToOemBuffA
DialogBoxIndirectParamW
GetMonitorInfoA
CreateMenu
ClipCursor
InsertMenuW
DdeFreeDataHandle
GetMenuDefaultItem
SetLastErrorEx
CreateDesktopA
CallMsgFilterA
GetMessageA
LoadImageA
CreateWindowExA
SendMessageTimeoutA
ShowOwnedPopups
RegisterClassA
EditWndProc
DialogBoxIndirectParamA
RegisterClipboardFormatW
DrawTextA
TranslateAcceleratorA
MessageBoxA
SetUserObjectInformationA
RegisterClassExW
GetDoubleClickTime
GetKeyNameTextW
IsDialogMessageW
GetMessageExtraInfo
GetTabbedTextExtentW
RegisterClassExA
IsCharAlphaA

kernel32

GetLocaleInfoA
EnumDateFormatsExA
InterlockedDecrement
GlobalFix
GetTickCount
GetShortPathNameA
GetLocaleInfoW
GetThreadPriority
EnumSystemCodePagesW
IsValidLocale
EnumDateFormatsW
CreateMailslotW
TerminateThread
GetTempFileNameA
HeapReAlloc
LockFile
GetVolumeInformationA
FlushViewOfFile
SetUnhandledExceptionFilter
HeapCreate
CreateMutexA
GetDiskFreeSpaceA
CompareStringW
IsDebuggerPresent
SetEvent
SetConsoleTextAttribute
WideCharToMultiByte
GetProcessAffinityMask
QueryPerformanceCounter
GetThreadSelectorEntry
CreateToolhelp32Snapshot
WriteConsoleW
GetSystemTimeAsFileTime
ReadFile
OpenEventA
IsValidCodePage
LCMapStringW
GetACP
GetDateFormatA
OpenMutexA
DeleteCriticalSection
LCMapStringA
GetPrivateProfileSectionW
EnterCriticalSection
GlobalUnlock
HeapSize
GetProcAddress
UnlockFile
GetCPInfo
LoadLibraryA
FlushFileBuffers
GetFullPathNameA
EnumSystemLocalesA
FoldStringW
MoveFileExW
InterlockedExchange
WriteConsoleA
SetStdHandle
ExitProcess
SetFileTime
GetTimeFormatA
GetDiskFreeSpaceExW
GetConsoleMode
lstrcat
CreateNamedPipeW
CreateFileA
VirtualFree
GetCurrentDirectoryA
HeapFree
InterlockedIncrement
GetProfileStringW
GetProcessHeaps
CreateNamedPipeA
GetUserDefaultLCID
GetFileAttributesExW
GetModuleHandleW
GetModuleFileNameA
FreeEnvironmentStringsW
TryEnterCriticalSection
HeapDestroy
OpenWaitableTimerW
GetCurrencyFormatA
GetCommandLineA
EnumTimeFormatsA
CopyFileExA
VirtualQueryEx
GetStringTypeA
GetCurrentThread
SetConsoleCtrlHandler
VirtualQuery
GlobalAddAtomA
HeapLock
WritePrivateProfileSectionA
GetStringTypeW
SetEnvironmentVariableA
GetFileType
TlsSetValue
TlsFree
GetStdHandle
TerminateProcess
MultiByteToWideChar
VirtualAlloc
CloseHandle
HeapAlloc
GetConsoleCP
GetModuleHandleA
lstrcmpW
RtlZeroMemory
GetConsoleOutputCP
LocalFlags
GetStartupInfoA
GetNumberFormatA
TlsAlloc
GetConsoleTitleA
OpenEventW
GetAtomNameW
WaitNamedPipeW
WriteFile
GetOEMCP
EnumDateFormatsExW
FreeLibrary
GetLastError
GetTempPathW
Sleep
GetTimeZoneInformation
SetLastError
FreeEnvironmentStringsA
GetCurrentThreadId
EnumCalendarInfoW
SetConsoleScreenBufferSize
CreateDirectoryA
GetEnvironmentStringsW
UnhandledExceptionFilter
RtlUnwind
CompareStringA
SetFilePointer
LeaveCriticalSection
GetEnvironmentStrings
GetCurrentProcess
GetPrivateProfileSectionNamesW
SetHandleCount
CreateDirectoryExW
GetCurrentProcessId
TlsGetValue
FindNextFileW
InitializeCriticalSectionAndSpinCount

comctl32

ImageList_AddIcon
CreateUpDownControl
ImageList_BeginDrag
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_GetFlags
ImageList_Draw
ImageList_SetFilter
ImageList_GetIconSize
InitCommonControlsEx
GetEffectiveClientRect
ImageList_Replace
ImageList_Add
ImageList_GetImageInfo

gdi32

GdiPlayScript
GetPixel
SetRectRgn
EndPath
CombineTransform

wininet

InternetConfirmZoneCrossingW
RunOnceUrlCache
InternetWriteFileExW

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 276KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e379f9376daf63ce1c18472fc7dff606

Headers

File Characteristics

Imports

user32

kernel32

comctl32

gdi32

wininet

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 276KB - Virtual size: 272KB

.data Size: 108KB - Virtual size: 121KB

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 276KB - Virtual size: 272KB

.data
Size: 108KB - Virtual size: 121KB

.rsrc
Size: 60KB - Virtual size: 59KB