4dd9417418c8f55cfc99a21e53630d3efb0a8fed919c8765646553dedbbfce56

Sharing

Copy URL

Twitter E-mail

General

Target

4dd9417418c8f55cfc99a21e53630d3efb0a8fed919c8765646553dedbbfce56
Size

350KB
MD5

2da42768bb8d6877c09967acb1cd6c58
SHA1

ce144f656de63c7193ee651b26c4fcead5b911b0
SHA256

4dd9417418c8f55cfc99a21e53630d3efb0a8fed919c8765646553dedbbfce56
SHA512

bb329c8995bcdadd7cf927e6c75a3390cda17ac9f38dac438e29e50c356045a0a4894fa6100cc3a2a71d4d6ca1cf7e29613449bae41aaa1c9fbda2f5db3b5f56
SSDEEP

6144:MZWSuD6psjND5lxQUbazeaXAVbpF//8333ffx0o6:M3u8sjZ5lx/TYu//8333ffE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dd9417418c8f55cfc99a21e53630d3efb0a8fed919c8765646553dedbbfce56

Files

4dd9417418c8f55cfc99a21e53630d3efb0a8fed919c8765646553dedbbfce56
.exe windows:4 windows x86 arch:x86

7aed72c2c1b3610477b2955cadfe78a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
SetEvent
Sleep
InitializeCriticalSection
lstrcmpW
MulDiv
GetModuleFileNameW
MultiByteToWideChar
GetLastError
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
FlushInstructionCache
SetLastError
InterlockedIncrement
lstrlenA
SetCurrentDirectoryW
LoadLibraryW
GetProcAddress
IsProcessorFeaturePresent
InterlockedCompareExchange
GetThreadLocale
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
DeleteCriticalSection
GetLocaleInfoA
RtlUnwind
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapCreate
HeapDestroy
HeapSize
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
InterlockedExchange
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetModuleFileNameA
GetStdHandle
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
GetProcessHeap
GetVersionExA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapFree
RaiseException
GetModuleHandleW
GetCurrentThreadId
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
LoadResource
CloseHandle
FindResourceW
GlobalFree
GlobalHandle
lstrlenW
LoadLibraryExW
SizeofResource
lstrcmpiW
FreeLibrary
ReadFile
SetFilePointer
GetFileSize
CreateFileW
GetCommandLineW
HeapAlloc
ExitProcess
GetModuleHandleA
VirtualQuery

user32

CreateWindowExW
PostThreadMessageW
GetWindow
SetWindowPos
DialogBoxIndirectParamW
SendMessageW
CharUpperW
GetActiveWindow
UpdateWindow
ShowWindow
GetParent
UnregisterClassA
TranslateMessage
PostQuitMessage
GetMessageW
GetSystemMetrics
PostMessageW
GetCursorPos
SetCursor
KillTimer
IsRectEmpty
GetUpdateRect
SetTimer
SendDlgItemMessageW
MapDialogRect
SetWindowContextHelpId
EndDialog
IsDlgButtonChecked
MessageBoxW
GetDlgItemInt
CheckDlgButton
SetDlgItemInt
DestroyWindow
SetWindowLongW
CharNextW
DestroyAcceleratorTable
DefWindowProcW
GetSysColor
BeginPaint
GetClientRect
FillRect
EndPaint
GetDC
ReleaseDC
IsChild
GetFocus
SetFocus
CallWindowProcW
IsWindow
GetDlgItem
GetWindowLongW
RedrawWindow
GetClassNameW
CreateAcceleratorTableW
ClientToScreen
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
InvalidateRect
InvalidateRgn
GetDesktopWindow
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetClassInfoExW
LoadCursorW
RegisterClassExW
DispatchMessageW

gdi32

StretchDIBits
Rectangle
CreateCompatibleBitmap
CreateSolidBrush
BitBlt
SelectObject
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
GetObjectW
CreateCompatibleDC

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

CommandLineToArgvW

ole32

CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoRevokeClassObject
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
CoTaskMemRealloc

oleaut32

LoadTypeLi
UnRegisterTypeLi
SysStringLen
RegisterTypeLi
VariantInit
VariantClear
SysStringByteLen
LoadRegTypeLi
OleCreateFontIndirect
SysAllocStringLen
SysAllocString
VarUI4FromStr
SysFreeString

Sections

.text
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7aed72c2c1b3610477b2955cadfe78a9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 257KB - Virtual size: 257KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 14KB - Virtual size: 22KB

.data1 Size: 20KB - Virtual size: 19KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 257KB - Virtual size: 257KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 14KB - Virtual size: 22KB

.data1
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 25KB - Virtual size: 25KB