42609a79246fea21703df7b9a39fa507588a2cde731c9cffb2964f8e18f40a4d

Sharing

Copy URL Twitter E-mail

General

Target

42609a79246fea21703df7b9a39fa507588a2cde731c9cffb2964f8e18f40a4d
Size

4.4MB
MD5

ba8bfae8996172fd4bf1417d8963f8ab
SHA1

5af9050e92efbc4dd1ae2e3171c6abebcbeadc83
SHA256

42609a79246fea21703df7b9a39fa507588a2cde731c9cffb2964f8e18f40a4d
SHA512

3a8fdbae0230947fc01415c15967feafd53994974b27f7e1134541af7037c6007fb2709c3cb6626dc0a849e88ae9190374a7302e3611e7fd2c842148048a5294
SSDEEP

98304:JLWzK36tEfdsnWSXz12qyLoXtZY+hsaMwVX:JLUK36usn5zn2sfVX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42609a79246fea21703df7b9a39fa507588a2cde731c9cffb2964f8e18f40a4d

Files

42609a79246fea21703df7b9a39fa507588a2cde731c9cffb2964f8e18f40a4d
.exe windows:4 windows x86 arch:x86

df9cfcd901966580349a33b6b1b9827b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCloseEnum

kernel32

CreateFileA
CreateFileW
CreateMutexW
CreateNamedPipeW
CreateThread
DeleteCriticalSection
DisconnectNamedPipe
ExitProcess
ExitThread
FindResourceExW
FindResourceW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetConsoleCP
GetCPInfo
GetEnvironmentStringsW
GetFileAttributesW
GetFileSize
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStdHandle
GetStringTypeW
GetSystemDefaultLangID
GetSystemInfo
GlobalAlloc
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
ConnectNamedPipe
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LoadLibraryExW
LoadLibraryW
LoadResource
LockResource
MultiByteToWideChar
OutputDebugStringW
RaiseException
ReadFile
SetEndOfFile
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetStartupInfoA
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleW
WriteFile
CloseHandle
GetStartupInfoW
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetCommandLineW
GetConsoleMode
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
HeapAlloc
VirtualAlloc

user32

GetWindowRect
GetWindowLongW
GetSystemMetrics
GetSubMenu
GetMessageW
GetDC
EnumDisplaySettingsW
wsprintfW
DispatchMessageW
DestroyMenu
DefWindowProcW
CreateWindowExW
CopyRect
CheckMenuItem
ChangeDisplaySettingsW
GetForegroundWindow
GetWindowThreadProcessId
TranslateMessage
UpdateWindow
TranslateAcceleratorW
TrackPopupMenu
SystemParametersInfoW
ShowWindow
SetWindowPos
SetWindowLongW
SetTimer
RegisterClassExW
PostQuitMessage
OffsetRect
LoadStringW
LoadMenuW
LoadIconW
LoadCursorW
LoadAcceleratorsW
IsIconic
EnableMenuItem
IntersectRect

gdi32

SetDIBColorTable
SelectObject
SwapBuffers
GetObjectW
GetDeviceCaps
DeleteDC
CreateDIBSection
SetPixelFormat
ChoosePixelFormat
CreateCompatibleDC

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCreateKeyW
RegCloseKey
RegSetValueExW

shell32

CommandLineToArgvW

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_acmdln
exit
_XcptFilter
_exit
_except_handler3
__getmainargs
_controlfp

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bmp4_
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

df9cfcd901966580349a33b6b1b9827b

Headers

File Characteristics

Imports

mpr

kernel32

user32

gdi32

advapi32

shell32

ole32

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4.0MB

.rsrc Size: 96KB - Virtual size: 92KB

.bmp4_ Size: 2.0MB - Virtual size: 2.0MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4.0MB

.rsrc
Size: 96KB - Virtual size: 92KB

.bmp4_
Size: 2.0MB - Virtual size: 2.0MB