4ae75dfd687759b13a4f3fea0bd46ad8ca411ebed25a03bb876f52bfc9544b20

Sharing

Copy URL Twitter E-mail

General

Target

4ae75dfd687759b13a4f3fea0bd46ad8ca411ebed25a03bb876f52bfc9544b20
Size

5.0MB
MD5

a0e6e87e026bb8b3d85350555322166a
SHA1

010d92b7003243bde7f395eb580949c877b3106d
SHA256

4ae75dfd687759b13a4f3fea0bd46ad8ca411ebed25a03bb876f52bfc9544b20
SHA512

2fa12b53e28a4798ab8769b322c79b0ee9ce5f7f23101527ead9de0822e20e6802c92a776d0c12e0871d67e5cf5d63bb3784e5f8fd49a638234f1b78f8981829
SSDEEP

98304:/VxhKGon+H3Ux96jfKBOYNqGKtKFNG6+EYcLgmCu+W6A0MvsgdoUhbxRnS80Pq:/zon+H3woK1NqnKpYOCPrA0MvBdoUhbl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ae75dfd687759b13a4f3fea0bd46ad8ca411ebed25a03bb876f52bfc9544b20

Files

4ae75dfd687759b13a4f3fea0bd46ad8ca411ebed25a03bb876f52bfc9544b20
.exe windows:5 windows x86 arch:x86

d608c16e08692cfe76011ff887597845

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
VariantClear
SysAllocStringLen
SysAllocString
SysStringLen

ole32

CoInitialize
CoCreateInstance
CoUninitialize
OleInitialize

user32

SetWindowTextW
InvalidateRect
EnableWindow
GetKeyState
GetFocus
SetFocus
SetDlgItemTextW
EndDialog
PostMessageW
MessageBoxW
GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoW
MapDialogRect
GetParent
SetWindowLongW
GetWindowLongW
ScreenToClient
GetWindowRect
GetDlgItem
DialogBoxParamW
MoveWindow
ShowWindow
GetWindowTextLengthW
GetWindowTextW
SendMessageW
LoadStringW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
CharUpperW
LoadIconW
LoadCursorW
SetCursor
KillTimer
SetTimer
CheckDlgButton
IsDlgButtonChecked

shell32

SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW

kernel32

RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
CreateSemaphoreW
CreateEventW
WaitForSingleObject
ReleaseSemaphore
ResetEvent
SetEvent
InitializeCriticalSection
lstrlenW
lstrcatW
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
WaitForMultipleObjects
SetPriorityClass
Sleep
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStdHandle
GetProcessAffinityMask
GlobalMemoryStatus
GetSystemInfo
GetCurrentProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
CompareFileTime
GlobalFree
GlobalAlloc
WriteFile
SetFilePointer
SetEndOfFile
ReadFile
GetFileSize
GetModuleHandleA
GetLogicalDriveStringsW
GetFileInformationByHandle
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
MoveFileW
GetModuleHandleW
GetSystemDirectoryW
GetTickCount
GetCommandLineW
GetVersionExW
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
MultiByteToWideChar
GlobalLock
GlobalUnlock
GetModuleFileNameW
LoadLibraryExW
LocalFree
FormatMessageW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
RemoveDirectoryW
SetFileAttributesW
SetFileTime
CloseHandle
SetLastError
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess

msvcrt

??_V@YAXPAX@Z
memcmp
memcpy
memmove
memset
wcsstr
wcscmp
_CxxThrowException
strlen
free
??_U@YAPAXI@Z
_beginthreadex
_except_handler3
??2@YAPAXI@Z
__setusermatherr
_initterm
exit
_exit
_c_exit
__p__commode
_errno
__getmainargs
atexit
__CxxFrameHandler
_lock
_unlock
__dllonexit
__set_app_type
_ismbblead
_acmdln
_control87
_XcptFilter
_fmode
_purecall
malloc
?terminate@@YAXXZ
??3@YAXPAX@Z
_cexit

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d608c16e08692cfe76011ff887597845

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

ole32

user32

shell32

kernel32

msvcrt

Sections

.text Size: 171KB - Virtual size: 171KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 512B - Virtual size: 82KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 143KB - Virtual size: 142KB

.text
Size: 171KB - Virtual size: 171KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 512B - Virtual size: 82KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 143KB - Virtual size: 142KB