407aa5e16b0e89f6530b722c474b85f0b044c123ada2a85cc5a6c0a4186585a6

Sharing

Copy URL Twitter E-mail

General

Target

407aa5e16b0e89f6530b722c474b85f0b044c123ada2a85cc5a6c0a4186585a6
Size

112KB
MD5

b55a7742115424170d8152af7ecaffc9
SHA1

3789fb7782dfbc6649ef5cc66e2bb474ff33363f
SHA256

407aa5e16b0e89f6530b722c474b85f0b044c123ada2a85cc5a6c0a4186585a6
SHA512

6f6a4cf78eebb7d748176c60f8ff6971f7bd1460125410dae16d6c3c0f387e27c6b4f1a9a8e05944a29d13918e3f7086b42cedba5ac4da9418c213946abec688
SSDEEP

1536:6SXdE1hSwEIkOeY2Pb7uh/jsG2nZZgNjOMPRkvzIgbYu+STV3QI4:6vxkyB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
407aa5e16b0e89f6530b722c474b85f0b044c123ada2a85cc5a6c0a4186585a6

Files

407aa5e16b0e89f6530b722c474b85f0b044c123ada2a85cc5a6c0a4186585a6
.exe windows:5 windows x86 arch:x86

4a06b140400657d3b107fbd951de0d46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
wcscat
free
calloc
malloc
_adjust_fdiv
strcpy
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
memset
memcpy

kernel32

GetStartupInfoA
ResumeThread
ResetWriteWatch
GetModuleHandleA
GetModuleFileNameA
VirtualAllocEx
VirtualAlloc
ExitProcess
GetThreadContext
SetThreadContext
GetTickCount
VirtualFreeEx
LoadLibraryW
Sleep
ReadProcessMemory
CreateProcessA
TerminateProcess
GetLastError
GetProcAddress

user32

GetClassInfoExW
GetLastActivePopup
TrackPopupMenu
MapDialogRect
ShowOwnedPopups
SetScrollRange
GetClassInfoW
GetScrollRange
GetForegroundWindow
IntersectRect
MessageBoxA
PeekMessageW
SetScrollPos
ScrollWindow
SetMenu
GetMessageTime
ValidateRect
GetScrollPos
EndDeferWindowPos
GetCaretBlinkTime
ShowScrollBar
BeginDeferWindowPos
RegisterClassW
RegisterClipboardFormatW

gdi32

SetPolyFillMode
SaveDC
SetMapMode
AddFontResourceExW
SetBrushOrgEx
SetLayout
GetClipBox
SetROP2
RestoreDC

winspool.drv

EndPagePrinter
StartDocPrinterA
OpenPrinterA
WritePrinter

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a06b140400657d3b107fbd951de0d46

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

winspool.drv

setupapi

Sections

.text Size: 87KB - Virtual size: 87KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 140B

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 87KB - Virtual size: 87KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 140B

.rsrc
Size: 10KB - Virtual size: 10KB