4f5473caad1d297fb73e955b1d2e1c91e1a5a289a2500e6fef3beda332287a8c

General

Target

4f5473caad1d297fb73e955b1d2e1c91e1a5a289a2500e6fef3beda332287a8c
Size

25KB
MD5

466fd7108e6c0fc51eb7efb23404846a
SHA1

117c33f3bbb30885b3c10dcd00a22e38fa5d169d
SHA256

4f5473caad1d297fb73e955b1d2e1c91e1a5a289a2500e6fef3beda332287a8c
SHA512

5fd83e411ee0b2a8c71e13b4a10930f50197713a9a966abc787f82afabcb6fcf71edbbe65e4989d5eb226e05d00bf9aca1b03456f7ea333190e9f001d5c53e20
SSDEEP

384:8T9IWqIwt10zr6lXYhCRdkyurLmC2S1xJrQcWrH/RUAMO0MY0holUxHd+q4tKDES:8ht+Izr6pqRrLuS1vzWpaGZHdSYDG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f5473caad1d297fb73e955b1d2e1c91e1a5a289a2500e6fef3beda332287a8c

Files

4f5473caad1d297fb73e955b1d2e1c91e1a5a289a2500e6fef3beda332287a8c
.dll windows:4 windows x86 arch:x86

c96f5c2c5da54f546a938d00f864f3d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
lstrlenA
lstrcpyA
FreeLibrary
GetProcAddress
LoadLibraryA
GetTickCount
OutputDebugStringA
LocalFree
LocalSize
LocalAlloc
WinExec
lstrcatA
WriteFile
CreateFileA
Sleep
CopyFileA
GetSystemDirectoryA
GetCurrentDirectoryA
FreeConsole
GlobalMemoryStatusEx
HeapAlloc
GetProcessHeap
VirtualProtect
HeapFree
SetEvent
CloseHandle
WaitForSingleObject
CreateEventA
lstrcmpiA
InterlockedExchange
VirtualAlloc
GetLocalTime
VirtualFree

user32

wsprintfA

advapi32

ClearEventLogA
OpenEventLogA
CloseEventLog

msvcrt

strrchr
_strupr
??3@YAXPAX@Z
memcpy
ceil
_ftol
__CxxFrameHandler
_CxxThrowException
memset
??2@YAPAXI@Z
memcmp
strlen
_except_handler3
_local_unwind2
printf
strstr
strcpy
strncpy
_stricmp
rand
wcstombs
realloc
free
_beginthreadex
strchr
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
malloc
_adjust_fdiv

Exports

Exports

DllUpdate
Install
MainThread
ServiceMain
Uninstall

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c96f5c2c5da54f546a938d00f864f3d8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB