4a635bc04eb91df638cfcdc9d164cf23

Sharing

Copy URL Twitter E-mail

General

Target

4a635bc04eb91df638cfcdc9d164cf23
Size

257KB
MD5

4a635bc04eb91df638cfcdc9d164cf23
SHA1

b97948a044b5c2acec2607ff3faa9ea5a6053221
SHA256

18ef0580befce37152426bb8ef5a0575627714189c224bf9e373c34ecd1fc254
SHA512

3db891a296972bcf16014014bf0e2fb0ae14529570a88ecb6614b34bfc6b4982a53035a5ae1e7de7f53f6183524733069734a01f0f077df75809497c33b1475b
SSDEEP

3072:/NTVU0JVqJhudfysvCMMltdi4wP3w7ZNJSxxJeVBuSQ0Xa2KOQILVoz5Bazr7k8j:/Np7dfgMMHApoZHUxY1/m9BazUST7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a635bc04eb91df638cfcdc9d164cf23

Files

4a635bc04eb91df638cfcdc9d164cf23
.exe windows:4 windows x86 arch:x86

38e2045f36573c16b24c5f110b0f36fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
CreateDirectoryA
RaiseException
GetACP
GetOEMCP
GetFileType
TerminateProcess
HeapSize
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
ExitProcess
HeapReAlloc
HeapAlloc
HeapFree
lstrlenA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
SetFileTime
CloseHandle
SetFileAttributesA
GetEnvironmentVariableA
GetSystemDirectoryA
GlobalReAlloc
RtlUnwind
GlobalAddAtomA
GetCurrentDirectoryA
SetErrorMode
GetVersionExA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetProcessVersion
SizeofResource
GlobalFlags
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
SystemTimeToFileTime
GetFileTime
GetFileSize
lstrcmpiA
LoadLibraryA
GetProcAddress
FreeLibrary
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
GetCurrentProcess
WriteFile
ReadFile
WideCharToMultiByte
SetLastError
MultiByteToWideChar
GetStringTypeW
SetUnhandledExceptionFilter
InterlockedDecrement
GetTimeZoneInformation
GetModuleFileNameA
InterlockedIncrement
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcpynA
LockResource
FindResourceA
LoadResource
GetVolumeInformationA
SetVolumeLabelA
FindNextFileA
OpenFile
_lclose
GetDriveTypeA
GetFullPathNameA
DosDateTimeToFileTime
LocalFileTimeToFileTime
UnhandledExceptionFilter
FreeEnvironmentStringsA
LCMapStringW
GetStringTypeA
GetTempPathA
GetVersion
lstrcpyA
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
FindClose
FindFirstFileA
WritePrivateProfileStringA
MoveFileExA
GetProfileStringA
GetShortPathNameA
GetWindowsDirectoryA
DeleteFileA
GetLastError
CopyFileA
GetFileAttributesA
LocalFree
GlobalHandle
GetTempFileNameA

user32

PostQuitMessage
GetCursorPos
ValidateRect
TranslateMessage
MessageBoxA
GetMessageA
GetClassNameA
PtInRect
ClientToScreen
GetDesktopWindow
LoadCursorA
GetSysColorBrush
DestroyMenu
FindWindowA
InvalidateRect
OffsetRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IntersectRect
InflateRect
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
DispatchMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ScreenToClient
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetTopWindow
GrayStringA
GetCapture
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenu
ShowOwnedPopups
SetCursor
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
GetFocus
SetFocus
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
MessageBeep
UpdateWindow
ExitWindowsEx
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
PostMessageA
GetWindowDC
LoadIconA
OemToCharA
wsprintfA
GetTabbedTextExtentA
ReleaseDC
GetDC
CharUpperA
LoadStringA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowTextLengthA
IsChild
WinHelpA
PeekMessageA
EnableWindow
SendMessageA
GetScrollPos
GetMenuItemID
SetScrollPos
DrawFocusRect
ExcludeUpdateRgn
DefDlgProcA
UnregisterClassA
WindowFromPoint
IsWindowUnicode
CharNextA
ShowCaret
HideCaret

gdi32

SetTextColor
GetObjectA
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetTextMetricsA
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPointA
PatBlt
CreateDIBitmap
CreateCompatibleDC
IntersectClipRect
BitBlt
SetBkColor

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegCloseKey
RegCreateKeyExA
RegConnectRegistryA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

shell32

DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
DragQueryFileA

comctl32

ImageList_Destroy
ord17

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38e2045f36573c16b24c5f110b0f36fe

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 19KB - Virtual size: 85KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 19KB - Virtual size: 85KB

.rsrc
Size: 31KB - Virtual size: 31KB