4f292a2c028a5661a32fab22871684d3505147d73e9e07b95f3156dc6ac64dd3

Sharing

Copy URL Twitter E-mail

General

Target

4f292a2c028a5661a32fab22871684d3505147d73e9e07b95f3156dc6ac64dd3
Size

285KB
MD5

b9a50e408dbbea01af12a9e64713ee86
SHA1

6511b76dbfcb0f298ff7234c1f688a1c274dd1c8
SHA256

4f292a2c028a5661a32fab22871684d3505147d73e9e07b95f3156dc6ac64dd3
SHA512

8eea2b90c7a0039be9633f4314070501e6acb6ee0512a216b2dcc02c93c5c55ae6b20fc35ff4cbc8b9678dc61401ef6c7483203939db47635ef192c10311ad6e
SSDEEP

6144:8LuA/LEpWEz5YOksKtuWTTWWDEsh1NblZ:8Lt/LEsEz5YOOMwThEszNblZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f292a2c028a5661a32fab22871684d3505147d73e9e07b95f3156dc6ac64dd3

Files

4f292a2c028a5661a32fab22871684d3505147d73e9e07b95f3156dc6ac64dd3
.exe windows:5 windows x86 arch:x86

0ab2cf4821bd67e5b968b986cd97f9ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
MultiByteToWideChar
CloseHandle
GetFileSize
GetStdHandle
WaitForSingleObject
ReadConsoleInputW
Beep
GetTickCount
TryEnterCriticalSection
SetConsoleCtrlHandler
FindFirstFileW
SearchPathW
SetHandleInformation
EnterCriticalSection
GetCommandLineW
GetConsoleOutputCP
SetConsoleMode
TerminateProcess
GetModuleFileNameW
WaitForMultipleObjects
GetConsoleCP
SetEnvironmentVariableW
LeaveCriticalSection
CreatePipe
InitializeCriticalSection
GetConsoleTitleW
GetEnvironmentVariableW
FindClose
GetLastError
FileTimeToSystemTime
LoadLibraryW
WriteConsoleInputW
FileTimeToLocalFileTime
GetCurrentDirectoryW
SetStdHandle
SetCurrentDirectoryW
GetProcAddress
SetFileApisToOEM
DeleteCriticalSection
ExitProcess
CreateProcessW
GetModuleHandleW
FreeLibrary
GetExitCodeProcess
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetConsoleMode
SetConsoleCursorInfo
FillConsoleOutputAttribute
FlushConsoleInputBuffer
SetConsoleCursorPosition
SetConsoleTitleW
SetFilePointer
FindNextFileW
WriteFile
VirtualAlloc
SetFileTime
GetFileAttributesW
SetFileAttributesW
DeleteFileW
SystemTimeToFileTime
GetSystemTime
CopyFileExW
GetFileTime
GetCurrentProcess
DuplicateHandle
SetLocalTime
GetLocalTime
Sleep
GetVolumeInformationW
GetDiskFreeSpaceW
GetVolumePathNameW
FormatMessageW
LocalFree
lstrcmpiW
CreateDirectoryW
RemoveDirectoryW
GetLocaleInfoW
GetDateFormatW
GlobalMemoryStatus
DeviceIoControl
MoveFileExW
CopyFileW
FillConsoleOutputCharacterW
WriteConsoleOutputCharacterW
MoveFileW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetProcessAffinityMask
ResumeThread
GetVersionExW
HeapFree
HeapAlloc
WriteConsoleW
GetProcessHeap
WideCharToMultiByte
FlushFileBuffers
LockResource
FindResourceExW
LoadResource
GetFileType
ReadConsoleW
SetEndOfFile
SetFilePointerEx
HeapSize
GetFullPathNameW
SetLastError
ReadFile
AddConsoleAliasW
GetConsoleAliasesLengthW
GetConsoleAliasW
lstrlenW
VirtualFree
GetConsoleAliasesW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RaiseException
GetStringTypeW
GetDriveTypeW
GetModuleHandleExW
GetCommandLineA
GetACP
HeapReAlloc
GetFileAttributesExW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
CompareStringW
LCMapStringW
DecodePointer

user32

LoadStringW
MessageBeep

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ab2cf4821bd67e5b968b986cd97f9ae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 4KB - Virtual size: 81KB

.rsrc Size: 43KB - Virtual size: 43KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 4KB - Virtual size: 81KB

.rsrc
Size: 43KB - Virtual size: 43KB

.reloc
Size: 10KB - Virtual size: 10KB