4fda90c7467343fccdd8273c334b79e5fbc028af4a62666e39baf2bbc751d785

Sharing

Copy URL Twitter E-mail

General

Target

4fda90c7467343fccdd8273c334b79e5fbc028af4a62666e39baf2bbc751d785
Size

2.8MB
MD5

67458ee6dddceef3b5e1760a41b9996b
SHA1

f9878954a02c841be783945afaad7db4be6ac3eb
SHA256

4fda90c7467343fccdd8273c334b79e5fbc028af4a62666e39baf2bbc751d785
SHA512

4f6c464c11a190d639b13c4bfb3b58dee4d777ad8f0ec74700c1ac53561c1c41ebed19944ad54efbd3f221da2d91fcc37e49928c43d6fa3eaa2f783e000f1257
SSDEEP

24576:YDPut5mGIZD3NrAKcC0wB8fD1/+Y0Wai65nVZdFJ7LzAexGPNliLgeUkoLzZ9r6E:gmQbsMr5N4JvFLzZ9r6cb+cxsoWUh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4fda90c7467343fccdd8273c334b79e5fbc028af4a62666e39baf2bbc751d785

Files

4fda90c7467343fccdd8273c334b79e5fbc028af4a62666e39baf2bbc751d785
.exe windows:5 windows x86 arch:x86

5ccd76276b9debce8419e05961e413f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
toupper
tolower
strncmp
strlen
strchr
memset
memmove
memcpy
memcmp
malloc
isxdigit
isupper
isspace
ispunct
isprint
islower
isgraph
isdigit
iscntrl
isalpha

winmm

waveInOpen
waveInGetErrorTextW
waveInClose
waveInPrepareHeader
timeSetEvent
timeKillEvent
timeGetTime
timeGetDevCaps
waveInReset
waveInStart
waveInGetNumDevs
waveInAddBuffer

comctl32

ImageList_EndDrag
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_GetBkColor
ImageList_Create
ImageList_BeginDrag
ImageList_Add
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
ImageList_GetDragImage
ord17
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_Write
ImageList_Destroy

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

GetStartupInfoA
GetModuleHandleA
GetLastError
GetStartupInfoW
GetCommandLineA
LoadLibraryA
LeaveCriticalSection
GetTickCount
EnterCriticalSection
InitializeCriticalSection
IsValidCodePage
WritePrivateProfileStringA
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
ExitProcess
GetCPInfo

user32

LoadIconW
LoadCursorW
LoadImageW
IsIconic
WindowFromPoint
WinHelpA
wsprintfA
GetSystemMetrics
EmptyClipboard
WaitMessage
GetKeyState

gdi32

LineTo
LPtoDP
MaskBlt
MoveToEx
PatBlt
PathToRegion
PlayEnhMetaFile
Polygon
Polyline
PolyPolyline
PtInRegion
RealizePalette
Rectangle
RectVisible
ResetDCA
ResizePalette
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetMapMode
SetMetaRgn
SetPaletteEntries
SetPixel
SetROP2
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
ExtCreatePen
WidenPath
UnrealizeObject
TranslateCharsetInfo
TextOutW
IntersectClipRect
GetWinMetaFileBits
GetWindowOrgEx
GetWindowExtEx
GetViewportExtEx
GetTextMetricsA
GetTextExtentPointW
GetTextExtentPointA
GetTextExtentPoint32W
GetTextExtentPoint32A
GetTextExtentExPointW
GetTextExtentExPointA
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetOutlineTextMetricsA
GetObjectA
GetNearestPaletteIndex
GetNearestColor
GetMapMode
GetFontData
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionA
StrokePath
StrokeAndFillPath
StretchDIBits
StretchBlt
StartPage
StartDocA
SetWinMetaFileBits
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
SetTextJustification
CreateCompatibleDC
ArcTo
BeginPath
BitBlt
CloseEnhMetaFile
CloseFigure
CombineRgn
CopyEnhMetaFileA
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateDCA
CreateDIBitmap
CreateDIBSection
CreateEllipticRgnIndirect
CreateEnhMetaFileA
CreateFontIndirectA
CreateFontW
CreateHalftonePalette
CreateHatchBrush
CreateICA
CreatePalette
CreatePenIndirect
CreatePolygonRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
DPtoLP
Ellipse
EndDoc
EndPage
EndPath
EnumEnhMetaFile
EnumFontFamiliesExA
ExcludeClipRect
GetEnhMetaFileBits
ExtCreateRegion
ExtTextOutA
ExtTextOutW
FillRgn
GdiFlush
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetDCOrgEx
GetDeviceCaps
GetDIBColorTable
GetDIBits
SetTextColor

winspool.drv

DeviceCapabilitiesA
EnumPrintersA
OpenPrinterA
StartDocPrinterA
StartPagePrinter
ClosePrinter
DocumentPropertiesA
EndDocPrinter
EndPagePrinter
WritePrinter

comdlg32

PrintDlgA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
ChooseFontA

advapi32

RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegFlushKey
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA
SHGetFileInfoA

ole32

StringFromGUID2
OleUninitialize
CoUninitialize
CoInitialize
CoCreateInstance
CLSIDFromProgID
CoCreateGuid
OleInitialize

oleaut32

SafeArrayAccessData
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
VariantCopyInd
VariantClear
VariantChangeTypeEx
SysStringLen
SysReAllocStringLen

Sections

.text
Size: 428KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Oaec28
Size: 4KB - Virtual size: 537B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.virt
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5ccd76276b9debce8419e05961e413f5

Headers

File Characteristics

Imports

msvcrt

winmm

comctl32

version

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 428KB - Virtual size: 424KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 12.1MB

.Oaec28 Size: 4KB - Virtual size: 537B

.rsrc Size: 52KB - Virtual size: 52KB

.virt Size: 2.3MB - Virtual size: 2.3MB

.text
Size: 428KB - Virtual size: 424KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 12.1MB

.Oaec28
Size: 4KB - Virtual size: 537B

.rsrc
Size: 52KB - Virtual size: 52KB

.virt
Size: 2.3MB - Virtual size: 2.3MB