4e9cb30eced5018326640ffddec3247344cdb7a24eafe1794a59bcd447f08a3a

Sharing

Copy URL

Twitter E-mail

General

Target

4e9cb30eced5018326640ffddec3247344cdb7a24eafe1794a59bcd447f08a3a
Size

4.4MB
MD5

fd0cfcc98b2b9adbf00c1a88dac9a4b5
SHA1

bb3dd242418beb345d23806a41efecbebb34e6b2
SHA256

4e9cb30eced5018326640ffddec3247344cdb7a24eafe1794a59bcd447f08a3a
SHA512

00c53a3f2a53ba4cb39cdba6c1886167e9e3b77c7ec623891f9a9057f24f485ea91d5d8bd1fcd55337e5b91b7f3aef47d43c5b4b38b01a1c7c04f0ef3f12bedc
SSDEEP

98304:EjlofBmS/0NfW9WyOmfdaKdJsFKR6fdMN74eSEX8OkDDwJYdWNztyv:EmmS/KfIZQKQUgWN7FX1kDDj8Nov

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e9cb30eced5018326640ffddec3247344cdb7a24eafe1794a59bcd447f08a3a

Files

4e9cb30eced5018326640ffddec3247344cdb7a24eafe1794a59bcd447f08a3a
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

LoadEnvi
MemoryCompare
MemoryCopy
MemorySet
WndProc1
WndProc1_
WndProc2
WndProc2_
WndProc3
WndProc3_
_dllMain_Name@12
_mainB_@8
_mainW@16
_main_@4
main
main1
main5
mainB

Sections

Size: 454KB - Virtual size: 746KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 44KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 499KB - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 28KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.winlice
Size: - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 454KB - Virtual size: 746KB

Size: 44KB - Virtual size: 102KB

Size: 3KB - Virtual size: 18KB

Size: 512B - Virtual size: 26B

Size: 499KB - Virtual size: 510KB

Size: 28KB - Virtual size: 37KB

.edata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.rsrc Size: 22KB - Virtual size: 22KB

.winlice Size: - Virtual size: 5.3MB

.boot Size: 3.4MB - Virtual size: 3.4MB

.edata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 22KB - Virtual size: 22KB

.winlice
Size: - Virtual size: 5.3MB

.boot
Size: 3.4MB - Virtual size: 3.4MB