004a439e1e3016be402ce072bcdfe763f9827429af17a3454a39545bf8dcdf45

Sharing

Copy URL Twitter E-mail

General

Target

004a439e1e3016be402ce072bcdfe763f9827429af17a3454a39545bf8dcdf45
Size

288KB
MD5

02b832bad236cab6deef13f8a194bc93
SHA1

1b89e847550382f4e63c130a695d02bf886aff18
SHA256

004a439e1e3016be402ce072bcdfe763f9827429af17a3454a39545bf8dcdf45
SHA512

0635e1d0413df6839a2918cb3d1e8dc0fe9ec04af71fa0b701e71c86b8d976692e9596c3b3333bd26be5893528522fb6b7fb2b1fc93f6d50251db15c442cf247
SSDEEP

6144:jAS0kv4nCrPqP2KJBitaNYS7KYh5bjos4L:/YCrUBEhy1aL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
004a439e1e3016be402ce072bcdfe763f9827429af17a3454a39545bf8dcdf45

Files

004a439e1e3016be402ce072bcdfe763f9827429af17a3454a39545bf8dcdf45
.exe windows:5 windows x86 arch:x86

ddd2939df9303ad6ccf7ae15948d8c67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextW
EndDialog
CopyImage
ReleaseDC
DialogBoxParamW
SetScrollRange
ScreenToClient
wsprintfW
SystemParametersInfoW
GetWindowRect
GetMenuState
SetMenu
GetScrollRange
GetMenu
DefWindowProcA
EqualRect
UpdateWindow
GetKeyboardLayoutList
GetDlgItem
ChildWindowFromPoint
FindWindowW
LoadStringW

shell32

SHGetFileInfoW
SHGetFileInfoA

ole32

CoTaskMemFree
OleRegEnumFormatEtc
CoRegisterMessageFilter

advapi32

RegEnumKeyExA
RegDeleteKeyW
RegQueryValueExW

gdi32

SaveDC
CreateFontA
GetClipBox
Pie
SetBoundsRect
GetCharWidthFloatA
SelectClipRgn
GetKerningPairsA
ArcTo
SelectObject
GetCharWidthA
PatBlt
Polygon
GetTextColor
SetTextJustification
ExtTextOutA
GetGlyphOutlineA
GetSystemPaletteUse
GetColorAdjustment
GetGlyphOutlineW
GetDeviceCaps
SetBkMode
CreateBrushIndirect
Rectangle
ResetDCW

winspool.drv

DocumentPropertiesW

kernel32

ReleaseSemaphore
CreateSemaphoreW
GetCommandLineA
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetFileType
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
GetTickCount
MultiByteToWideChar
LCMapStringW
IsValidCodePage
LockFileEx
WriteProcessMemory
AssignProcessToJobObject
GetNamedPipeHandleStateW
ReplaceFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
HeapSize
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
DeleteCriticalSection
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
GetModuleFileNameW
GetModuleFileNameA
ExitProcess
Sleep
GetOEMCP
GetACP
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapFree
HeapAlloc
GetStartupInfoW
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
WideCharToMultiByte
GetLastError
GetCPInfo
LoadLibraryA
GetCurrentProcess
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetVersion
GetModuleHandleW
GetProcAddress
CreateFileA
OpenProcess
SetEnvironmentVariableW
CreateProcessW
DeleteFileW
WaitForSingleObject
GetExitCodeProcess
FindResourceW
LoadResource
LockResource
SizeofResource
CreateFileW
CloseHandle
WriteFile
GlobalLock
GlobalAlloc
CreateThread
MoveFileA
CreateHardLinkW
GetCurrentThread
GetFileTime
GetExitCodeThread
GetPrivateProfileSectionW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddd2939df9303ad6ccf7ae15948d8c67

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

advapi32

gdi32

winspool.drv

kernel32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 61KB - Virtual size: 152KB

.rsrc Size: 168KB - Virtual size: 168KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 61KB - Virtual size: 152KB

.rsrc
Size: 168KB - Virtual size: 168KB