b4918b36259995facf47e60eb2086c4b8545dd223d995342f53096a71db95a84

Sharing

Copy URL Twitter E-mail

General

Target

b4918b36259995facf47e60eb2086c4b8545dd223d995342f53096a71db95a84
Size

206KB
MD5

9b1395c717936ce01ea95fd4c5fab9b7
SHA1

870e3c7fbad6c911510a67d36cdb4ee54600eb52
SHA256

b4918b36259995facf47e60eb2086c4b8545dd223d995342f53096a71db95a84
SHA512

a9b0a53ff066a3fb9df83e81111ee5c4825a66efd72d6e0892524b606f70a5ce361ee44cc80f3afc277149c8ed08109f52f459e5a6a028ef04b86c89b85ce192
SSDEEP

6144:jKlaJBQHuC9JyW4e5SJzkiPfYlk+waH4z:NBQX9JyjeOdnYltp4z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4918b36259995facf47e60eb2086c4b8545dd223d995342f53096a71db95a84

Files

b4918b36259995facf47e60eb2086c4b8545dd223d995342f53096a71db95a84
.exe windows:4 windows x86 arch:x86

3ec6af4f6b9c2b409eb863bb44c7dbaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromIID
CoGetObjectContext
CoFreeUnusedLibraries
CoUnmarshalInterface
CoDisconnectObject
CoRegisterClassObject
CoRevokeClassObject
CoUninitialize
CoGetMalloc
CreateBindCtx

advapi32

RegLoadKeyA

version

VerQueryValueA
VerInstallFileA

kernel32

GetLastError
VirtualAlloc
VirtualAllocEx
GetModuleHandleA
GetProcAddress
ExitThread
LoadLibraryA
IsBadReadPtr
GetVersionExA
ExitProcess
LoadLibraryExA

user32

CallNextHookEx

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
ChooseColorA

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res9
Size: 2KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res0
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res6
Size: 1024B - Virtual size: 774B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res3
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ec6af4f6b9c2b409eb863bb44c7dbaa

Headers

File Characteristics

Imports

ole32

advapi32

version

kernel32

user32

comdlg32

Sections

.text Size: 182KB - Virtual size: 181KB

DATA Size: 1024B - Virtual size: 802B

.res9 Size: 2KB - Virtual size: 33KB

.res4 Size: 1KB - Virtual size: 1KB

.res0 Size: 13KB - Virtual size: 13KB

.res6 Size: 1024B - Virtual size: 774B

.res3 Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 182KB - Virtual size: 181KB

DATA
Size: 1024B - Virtual size: 802B

.res9
Size: 2KB - Virtual size: 33KB

.res4
Size: 1KB - Virtual size: 1KB

.res0
Size: 13KB - Virtual size: 13KB

.res6
Size: 1024B - Virtual size: 774B

.res3
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 1024B