475c13ae1d446c61824315961e5838916ac4a3f28bc441aa8a2b39b81383ea4a[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

475c13ae1d446c61824315961e5838916ac4a3f28bc441aa8a2b39b81383ea4a.exe
Size

273KB
MD5

e4b47c06b5eed80fb44cfea757525634
SHA1

78b5133cd84e3d89ebca4b36f33273df6e70c3f4
SHA256

475c13ae1d446c61824315961e5838916ac4a3f28bc441aa8a2b39b81383ea4a
SHA512

bef0195a513a28e7c9868bca359a4f1726c9f8d15204b743c0e2467e6f6c68a67994e737c82997fef0c2bb9dcfc206100a0a52e756d286fbaf1e56d2e04e7843
SSDEEP

6144:TLg1drHvFTdNWJDRm03jJGxoyApQU/waqElD:Te5RTWr/TJpZ/h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
475c13ae1d446c61824315961e5838916ac4a3f28bc441aa8a2b39b81383ea4a.exe

Files

475c13ae1d446c61824315961e5838916ac4a3f28bc441aa8a2b39b81383ea4a.exe
.exe windows:5 windows x86 arch:x86

6f0f6728fed938390cd1a7b493280d77

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextCharacterExtra
SetSystemPaletteUse
GetTextCharsetInfo
GetTextCharset
GetMapMode
GetTextColor
SetTextJustification
GetCurrentObject
GetMetaRgn
GetClipRgn
GetFontUnicodeRanges
GetTextCharacterExtra
GetSystemPaletteUse
GetFontLanguageInfo
GetStretchBltMode
GetPolyFillMode
GetObjectType
GetRandomRgn
SetTextAlign
GetNearestPaletteIndex
GetTextAlign
GetPixelFormat
GetDCBrushColor
GetBkColor
GetNearestColor
SetPixel

user32

EndPaint
GetCursor
GetDlgItem
GetMenuItemCount
SetWindowTextA
GetPropA
SendMessageA
MoveWindow
GetWindowDC
SetFocus
IsWindowUnicode
WindowFromDC
GetDC
LoadIconA
GetQueueStatus
EnableWindow
GetKeyboardType
EndDialog
GetDlgItemInt
GetInputState
CallWindowProcA
GetMenu
PostMessageA
GetMenuItemID
IsWindowEnabled
SetDlgItemTextA
GetWindowContextHelpId
CheckDlgButton
GetScrollPos
DrawTextA
GetForegroundWindow
RemovePropA
GetMenuState
BeginPaint
GetWindowLongA
ShowWindow
GetMenuContextHelpId

kernel32

HeapAlloc
GetStdHandle
GlobalAlloc
GetModuleHandleA
GetCurrentThreadId
GetTickCount
GetLastError
GlobalSize
IsDebuggerPresent
GlobalFlags
MoveFileA
GlobalHandle
SizeofResource
IsProcessorFeaturePresent
LocalFlags
GetProcAddress
GetDriveTypeA
GetCurrentProcessId
GetFileTime
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
LockResource
GetFileType
CloseHandle
GetVersion
QueryPerformanceCounter
LoadResource
FindResourceA
DeleteFileA
GetProcessHeap

Sections

.text
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f0f6728fed938390cd1a7b493280d77

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

Sections

.text Size: 212KB - Virtual size: 212KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 512B - Virtual size: 315KB

.reloc Size: 40KB - Virtual size: 40KB

.text
Size: 212KB - Virtual size: 212KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 512B - Virtual size: 315KB

.reloc
Size: 40KB - Virtual size: 40KB