c4fcd7e57824af0859b27f057d42cc77

Sharing

Copy URL Twitter E-mail

General

Target

c4fcd7e57824af0859b27f057d42cc77
Size

146KB
MD5

c4fcd7e57824af0859b27f057d42cc77
SHA1

8520a5ad2ac792b29193381ae3ddaee251cb17ba
SHA256

e6f0d6e7c178746eff598c678294ba067119bfe2213dd4bfd7d9b6db92f647c4
SHA512

8e7e2bf0e8571846fc64e30f5abc49dbc54c97c0a0bea959da2ea3c2f34f66148795b77b6f7c028061ce0d89c46a84f88d732914313d8079ced6f99797b285b3
SSDEEP

3072:sBhUvg3oghAYtbwyjHZqB5EVixiBkJUunF/Qy9oj/nbP2+h04Q8H2wl+:jIDCGkDHiBkvne7be+JQ2Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4fcd7e57824af0859b27f057d42cc77

Files

c4fcd7e57824af0859b27f057d42cc77
.exe windows:4 windows x86 arch:x86

be2f37f7c28112787ade52fd0d2b6e5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowExA
SetDlgItemInt
ChildWindowFromPoint
DialogBoxParamA
IsWindowUnicode
GetMessageTime
PostThreadMessageA
GetQueueStatus
GetWindowTextLengthA

ole32

CoFileTimeToDosDateTime
OleIsCurrentClipboard
CreateAntiMoniker
CoRevokeClassObject
CoSuspendClassObjects
CoGetClassObject
OleRegGetMiscStatus

oledlg

ord7
ord8
ord6
ord11
ord2
ord10
ord3
ord1

comctl32

ord8
ord6
ord14
PropertySheetA
CreatePropertySheetPageW
CreateStatusWindowW
PropertySheetW
UninitializeFlatSB

advapi32

RegDeleteValueA
RegQueryMultipleValuesA
RegSetValueExA
RegEnumKeyA
RegCloseKey
RegOpenKeyA

urlmon

CreateAsyncBindCtx

shlwapi

StrRChrW
StrCSpnA

kernel32

EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
LeaveCriticalSection
HeapCreate
HeapDestroy
GetLastError
TlsGetValue
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualFree
WritePrivateProfileSectionA
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
WriteProfileSectionA
WritePrivateProfileStructA
GetPrivateProfileSectionA
GetModuleHandleA
GetProcAddress
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

frug
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pvnrta
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be2f37f7c28112787ade52fd0d2b6e5c

Headers

File Characteristics

Imports

user32

ole32

oledlg

comctl32

advapi32

urlmon

shlwapi

kernel32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 95KB

frug Size: 275KB - Virtual size: 275KB

pvnrta Size: 117KB - Virtual size: 117KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 95KB

frug
Size: 275KB - Virtual size: 275KB

pvnrta
Size: 117KB - Virtual size: 117KB

.rsrc
Size: 5KB - Virtual size: 5KB