c4ea1f8bf6a7f2bb0fff6cd2535c215b

Sharing

Copy URL Twitter E-mail

General

Target

c4ea1f8bf6a7f2bb0fff6cd2535c215b
Size

103KB
MD5

c4ea1f8bf6a7f2bb0fff6cd2535c215b
SHA1

fc97f58e6ac27255e41ee59000632de689957424
SHA256

a884ffe1ebb4e31f88058b00ff24e37414ceae1366f4f9068becf1402fced11f
SHA512

97df3547ddc7271b812c5ac05fdea8845b908bf82c100f6c928f59c0d56b1800b50b03eb82909049138e98a018f1da43ff776fa35893fe22e3000aa004fe0535
SSDEEP

3072:/wLlNWDtRKiUBhPlkDBMJilmc47/fcyh6EbLzO:IJgXKRzkDBMJitqV6l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4ea1f8bf6a7f2bb0fff6cd2535c215b

Files

c4ea1f8bf6a7f2bb0fff6cd2535c215b
.exe windows:4 windows x86 arch:x86

badbbf3be1b9f4e96de7f813cea9aea8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileExA
DeleteFileA
ReadFile
GetConsoleMode
GetComputerNameA
ReadConsoleA
CopyFileW
FindAtomA
GetLastError
ExitThread
CreateThread
OpenFile
FindFirstFileA
GetFileTime
CreateDirectoryA
WriteFile
OpenFileMappingA
GetCPInfo
GetStdHandle
Sleep

gdi32

AddFontMemResourceEx
AbortPath
ExcludeClipRect
AddFontResourceA
CloseFigure
GetPixel
GetClipBox
DeleteDC
GetBrushOrgEx
AddFontResourceExA
CancelDC
SetTextColor
RestoreDC
CreateSolidBrush
CopyMetaFileA
GetDCOrgEx
ExtTextOutA
GetBitmapBits

advapi32

RegLoadKeyA
RegCreateKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyExA
RegEnumKeyExW
RegReplaceKeyA
RegEnumValueA
RegQueryValueExW
RegOpenKeyA
RegLoadKeyW
RegEnumKeyW
RegQueryValueExA
RegQueryInfoKeyW
RegCreateKeyW
RegQueryValueW

user32

InsertMenuA
CloseWindow
GetDC
AlignRects
GetMenu
DrawTextW
GetCursor
CreateIcon
CopyImage
LoadCursorA
DialogBoxParamA
DrawIconEx
CopyRect
EndDialog
DrawTextA
GetWindowTextA
GetWindowTextLengthA
AppendMenuW

comctl32

ImageList_AddMasked
ImageList_Replace
ImageList_EndDrag
ImageList_Draw
ImageList_Read
ImageList_DragMove
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_DrawIndirect
ImageList_AddIcon
ImageList_GetIconSize
ImageList_Copy
ImageList_BeginDrag
ImageList_DrawEx
InitCommonControls
ImageList_DragShowNolock
ImageList_DragEnter

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 934B

IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

badbbf3be1b9f4e96de7f813cea9aea8

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

user32

comctl32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 93KB - Virtual size: 149KB

.reloc Size: - Virtual size: 934B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 93KB - Virtual size: 149KB

.reloc
Size: - Virtual size: 934B

.rsrc
Size: 2KB - Virtual size: 2KB