4376cceebeae6464d8bb6d4b2e1b7d151c6abb8c00c8c1dfa4c6d2690a3787fb

Sharing

Copy URL Twitter E-mail

General

Target

4376cceebeae6464d8bb6d4b2e1b7d151c6abb8c00c8c1dfa4c6d2690a3787fb
Size

800KB
MD5

e6829b98a0cdd33d8dbe3b67726ecfc7
SHA1

8afc126f7732bdef4051b2c2c0465c81fd3f132e
SHA256

4376cceebeae6464d8bb6d4b2e1b7d151c6abb8c00c8c1dfa4c6d2690a3787fb
SHA512

b5cf0634028d8b2dc98af4d08f35e74e86656f2401e3dcebb1f478a3eb96b7d95eb3ef18dc2fb615de9f5522342f3e4c5738c92302445d166bd6233133e3a268
SSDEEP

24576:exSvqv+bW3G+ntyeukMbQr/z+UxyL8LULbUe0k/MkLLDw5:50Vhnge/DkyU3UPk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4376cceebeae6464d8bb6d4b2e1b7d151c6abb8c00c8c1dfa4c6d2690a3787fb

Files

4376cceebeae6464d8bb6d4b2e1b7d151c6abb8c00c8c1dfa4c6d2690a3787fb
.exe windows:4 windows x86 arch:x86

afb6c975d5e0f5db5370608d8bf97f02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

InitCommonControls

gdi32

ChoosePixelFormat
GetDeviceCaps
GetDeviceGammaRamp
SetDeviceGammaRamp
SetPixelFormat
SwapBuffers

kernel32

AllocConsole
CloseHandle
CreateEventA
CreateThread
ExitProcess
FreeConsole
FreeLibrary
GetCommandLineA
GetConsoleScreenBufferInfo
GetLargestConsoleWindowSize
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetStartupInfoA
GetStdHandle
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
LoadLibraryA
MapViewOfFile
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleInputA
ReadConsoleOutputCharacterA
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetEvent
SetUnhandledExceptionFilter
Sleep
UnmapViewOfFile
WaitForMultipleObjects
WriteConsoleInputA
WriteFile

msvcrt

_stricmp
_strnicmp
_unlink
__getmainargs
__p__environ
__set_app_type
_cexit
_fileno
_findclose
_findfirst
_findnext
_fmode
_fpreset
_iob
_mkdir
_setjmp
_setmode
_snprintf
_vsnprintf
atan
atan2
atexit
atof
atoi
ceil
exit
exp
fclose
feof
fflush
fgets
floor
fopen
fread
free
fseek
ftell
fwrite
isalpha
isdigit
isupper
localtime
log
longjmp
malloc
memcpy
memmove
memset
pow
rand
signal
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strftime
strncmp
strncpy
strrchr
strstr
tan
time
tolower
toupper
vfprintf
vsprintf

user32

AdjustWindowRectEx
ChangeDisplaySettingsA
ClipCursor
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
GetCursorPos
GetDC
GetKeyboardState
GetMessageA
GetSystemMetrics
LoadCursorA
LoadIconA
MessageBoxA
MoveWindow
MsgWaitForMultipleObjects
PeekMessageA
RegisterClassA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
SendMessageA
SetCapture
SetCursorPos
SetForegroundWindow
SetWindowPos
ShowCursor
ShowWindow
SystemParametersInfoA
ToAscii
TranslateMessage
UpdateWindow

winmm

joyGetDevCapsA
joyGetNumDevs
joyGetPosEx
mciSendCommandA
timeBeginPeriod
timeGetTime
waveOutClose
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

wsock32

WSACleanup
WSAGetLastError
WSAStartup
bind
closesocket
gethostbyname
htons
ioctlsocket
ntohs
recvfrom
sendto
socket

Sections

.text
Size: 753KB - Virtual size: 753KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 45.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

afb6c975d5e0f5db5370608d8bf97f02

Headers

File Characteristics

Imports

comctl32

gdi32

kernel32

msvcrt

user32

winmm

wsock32

Sections

.text Size: 753KB - Virtual size: 753KB

.data Size: 41KB - Virtual size: 40KB

.bss Size: - Virtual size: 45.6MB

.idata Size: 5KB - Virtual size: 4KB

.text
Size: 753KB - Virtual size: 753KB

.data
Size: 41KB - Virtual size: 40KB

.bss
Size: - Virtual size: 45.6MB

.idata
Size: 5KB - Virtual size: 4KB