4d42b540946deaa1daf06106731c01ed842f1f447f6cb593f9a1c2cb5c1fe202

Sharing

Copy URL

Twitter E-mail

General

Target

4d42b540946deaa1daf06106731c01ed842f1f447f6cb593f9a1c2cb5c1fe202
Size

728KB
MD5

e967c0a8c4329308ff28484929fab60e
SHA1

8aa9d665af9cf15a763ac1c57b2aaf8fada2ce32
SHA256

4d42b540946deaa1daf06106731c01ed842f1f447f6cb593f9a1c2cb5c1fe202
SHA512

502cf268bc4f937fb051001f86cf273d97971960bef1af7bbfb0b5117b715ce2629badd2fdce8ae8917a064d30bd60c457594035ce22faf2545589430185df5e
SSDEEP

12288:+Ik4p95KJO/tm/q3guiXNUGZ2narGJhfQYYLhDXfS:+X4aum/OdarGJabS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d42b540946deaa1daf06106731c01ed842f1f447f6cb593f9a1c2cb5c1fe202

Files

4d42b540946deaa1daf06106731c01ed842f1f447f6cb593f9a1c2cb5c1fe202
.exe windows:4 windows x86 arch:x86

cea97693c6f20a21d9d9dcfc0e49a836

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
CreateDIBSection
Rectangle
PtInRegion
FrameRgn
LineTo
MoveToEx
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
ExtCreateRegion
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetMapMode
PatBlt
DPtoLP
LPtoDP
GetTextExtentPointA
ExcludeClipRect
CreatePen
Ellipse
StretchBlt
DeleteDC
GetStockObject
CreateRectRgn
GetPixel
DeleteObject
CombineRgn
EnumFontFamiliesA
GetDeviceCaps
CreateFontIndirectA
GetTextColor
GetBkColor
GetTextExtentPoint32A
CreateSolidBrush
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetClipBox
CreateFontA
CreateDIBitmap

msimg32

TransparentBlt

kernel32

LeaveCriticalSection
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
SetErrorMode
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
SetStdHandle
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalHandle
MulDiv
OutputDebugStringA
GetModuleHandleA
GetModuleFileNameA
CloseHandle
GetLastError
CreateMutexA
ReleaseMutex
DeleteFileA
OpenMutexA
LoadLibraryA
FreeLibrary
MapViewOfFile
OpenFileMappingA
UnmapViewOfFile
WaitForSingleObject
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
ReadFile
GetFileSize
CreateFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
WritePrivateProfileStructA
GetPrivateProfileStructA
GetPrivateProfileIntA
lstrlenA
GetTickCount
GetCurrentThreadId
FindClose
FindFirstFileA
LoadResource
FindResourceA
LockResource
GetProcAddress
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
lstrcatA
GetVersion
SetLastError
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
GetThreadLocale
LocalFree
FormatMessageA
TlsFree
lstrcpynA
lstrcmpA
GetCurrentThread
FileTimeToSystemTime
FileTimeToLocalFileTime
DuplicateHandle
GetCurrentProcess
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
GlobalFlags
SizeofResource
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GetProfileStringA

user32

EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuCheckMarkDimensions
CharNextA
DestroyMenu
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
SetWindowContextHelpId
MapDialogRect
CharUpperA
GetDesktopWindow
GetSysColorBrush
CopyAcceleratorTableA
GetNextDlgGroupItem
ShowWindow
RegisterClipboardFormatA
PostThreadMessageA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
GetClassLongA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
MessageBeep
EndDialog
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
GetWindow
GetScrollInfo
IsRectEmpty
wsprintfA
MapVirtualKeyA
OffsetRect
InflateRect
GetClassNameA
SetPropA
CallNextHookEx
GetPropA
RemovePropA
SetFocus
SetWindowLongA
GetWindowTextA
DestroyWindow
CallWindowProcA
TrackMouseEvent
IsWindow
AppendMenuA
CopyRect
GetMenuState
GetMenuItemInfoA
DestroyIcon
FindWindowA
IsIconic
GetSystemMetrics
DrawIcon
LoadIconA
UnhookWindowsHookEx
SetWindowsHookExA
ScreenToClient
KillTimer
SetTimer
PtInRect
RegisterWindowMessageA
DrawTextA
SetCursor
SetActiveWindow
GetDC
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
TrackPopupMenu
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
AdjustWindowRectEx
IsWindowVisible
SetScrollInfo
GetTopWindow
MessageBoxA
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
IntersectRect
GetMenuItemID
ReleaseDC
GetActiveWindow
GetCapture
SetCapture
ClientToScreen
WindowFromPoint
ReleaseCapture
GetWindowLongA
SendMessageA
DefWindowProcA
GetSysColor
LoadCursorA
InvalidateRect
UpdateWindow
FillRect
GetCursorPos
GetWindowRect
CreatePopupMenu
LoadStringA
RedrawWindow
EnableWindow
SetRect
GetParent
PostMessageA
LoadBitmapA
SetWindowRgn
GetClientRect
SendDlgItemMessageA
CreateWindowExA
UnregisterClassA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

comctl32

_TrackMouseEvent
ImageList_Destroy
ord17

oledlg

ord8

ole32

OleInitialize
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord251
ord253

oleaut32

SysAllocStringByteLen
SysStringLen
VariantCopy
VariantTimeToSystemTime
SysAllocString
VariantClear
VariantChangeType
SysAllocStringLen
SysFreeString

Sections

.text
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cea97693c6f20a21d9d9dcfc0e49a836

Headers

File Characteristics

Imports

gdi32

msimg32

kernel32

user32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 344KB - Virtual size: 341KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 16KB - Virtual size: 195KB

.rsrc Size: 288KB - Virtual size: 286KB

.text
Size: 344KB - Virtual size: 341KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 16KB - Virtual size: 195KB

.rsrc
Size: 288KB - Virtual size: 286KB