4679b5715072e134371bb1696a96b83f

Sharing

Copy URL Twitter E-mail

General

Target

4679b5715072e134371bb1696a96b83f
Size

80KB
MD5

4679b5715072e134371bb1696a96b83f
SHA1

c71f5117623e7feea354de37682e97352d333d9b
SHA256

d1229d127211a14c9fc16230317beec569f5a087e204e342ea18d2afd92e9024
SHA512

88fa4404903b9ea9c26e75eadbdf761d26213db88b220b959028e711fbfa8fdc0c7a40448e04fa3fa35aa4d980678474dfdcaf0ef4ba9f5576e02b4b13ca16e7
SSDEEP

1536:7n0CzWCTX3mqTIIN3Q7aStlKvGM6pRHo6:wC1Hz0a6lKvj6ppo6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4679b5715072e134371bb1696a96b83f

Files

4679b5715072e134371bb1696a96b83f
.exe windows:4 windows x86 arch:x86

06f53473042ede72483a200f9bdbe429

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

scad_lib

_sc_wait_new_tables@8
_sc_built@0
_do_mapping@0
_block_initialise@8
_block_uninitialise@0
_unmap@0
_sc_table_rebuild@4
_scn_get_next_hwt@8
_scn_details_from_hwt@16
_sc_force_build@4
_evnt_declare@8
_sc_block@8
_sc_unblock@4

db_sys

_db_put@16
_db_kill@4
_db_make@20
db_get
_db__stop@0
_db__start@0

dyn_lib

_s_char@8
_bug_stk_store@4
_s_float@16
_clear_lang_dll@0
_s_hex@8
_a_int@8
_s_time@8
_s_date@8
_s_scientific@20
_get_lang_dll@0
_run_program@4
_its_me_enum@4
_ini_name@0
_n_text@12
_in_tray@4
_flg@4
_add_days@8
_time_add@8
_get_time@0
_get_date@0
_v_flg@4
_fatal_blow@12
_lib_close_down@0
_s_fixed@20
pos_size_handler
_post_to@16
_ini_name_set@4
_awax_already@0
_lib_start_up@0
_user@4
_dlg_small_font@8
_s_match@8
_font_normal@4
_db_bi_size@8
_path_release@0
_grey@12
_show_message@8
_font_small@4
_a_char@8
_general_program@28
_send_buffer@20
_x_match@8
_trap_window@16
_db_bi_close@4
_db_bi_read@12
_db_bi_open_read@12
_db_bi_write@12
_db_bi_create@12
_s_int@8
_show_message_with_cancel@8
_show_message_with_yes_no@8

kernel32

GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
WinExec
WritePrivateProfileStringA
Sleep
IsBadStringPtrA
CloseHandle
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetModuleFileNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
GetProcAddress
LoadLibraryA
FreeResource
LockResource
LoadResource
FindResourceA
OutputDebugStringA
IsBadReadPtr
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
InitializeCriticalSection
GetOEMCP
GetACP
MultiByteToWideChar
GetCPInfo
WriteFile
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
InterlockedIncrement
InterlockedDecrement
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
GetLastError
GetSystemTimeAsFileTime
GetTimeZoneInformation
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
GetVolumeInformationA

user32

SetClassLongA
GetClassLongA
GetParent
GetDesktopWindow
GetWindowLongA
GetClassNameA
DialogBoxParamA
DialogBoxIndirectParamA
SendMessageA
ReplyMessage
IsIconic
LoadCursorA
SetCursor
DestroyIcon
GetDC
DrawIcon
wsprintfA
GetDlgItemTextA
GetDlgItem
SetFocus
SetWindowPos
UpdateWindow
SetForegroundWindow
GetMenu
DestroyMenu
CreateMenu
AppendMenuA
SetMenu
GetWindowRect
MoveWindow
GetWindowDC
GetSysColor
GetClientRect
ReleaseDC
DrawMenuBar
SetDlgItemTextA
EndDialog
ReleaseCapture
ShowWindow
FindWindowA
SetCapture
DestroyWindow
SetTimer
KillTimer
PostQuitMessage
InvalidateRect
BeginPaint
EndPaint
SetWindowTextA
PostMessageA
DefWindowProcA

gdi32

GetDeviceCaps
GetTextExtentPoint32A
TextOutA
SetTextColor
SetBkMode
SetBkColor

shell32

ExtractIconA

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06f53473042ede72483a200f9bdbe429

Headers

File Characteristics

Imports

scad_lib

db_sys

dyn_lib

kernel32

user32

gdi32

shell32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 67KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 67KB

.rsrc
Size: 4KB - Virtual size: 2KB