4cab553aa5c7b1ecd726ce932c5c1540N

Sharing

Copy URL Twitter E-mail

General

Target

4cab553aa5c7b1ecd726ce932c5c1540N
Size

4.7MB
MD5

4cab553aa5c7b1ecd726ce932c5c1540
SHA1

69f412bbde29ae389747f6b3a8ccc6bea29b1c01
SHA256

64eeb062968ecfee3f6624f1cea877528d8f66669710cca0d4591688a6071d85
SHA512

6b94c8e75686167f81b8c95accaa448d85d45858b573f1c64a4a504e2d3728adb94f5c4244ed04cf2a73b79f725e509ebfd53efd92f449f2af38c8f36dbf5cb2
SSDEEP

98304:XVVdQCksJLi0LlzOGiBD1ogZGmnwpDbukOM:X7VLOQD9V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cab553aa5c7b1ecd726ce932c5c1540N

Files

4cab553aa5c7b1ecd726ce932c5c1540N
.exe windows:6 windows x86 arch:x86

8e1d3d4d2254a4f1417b84d03a532a9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
EnterCriticalSection
SetFilePointer
GetACP
LocalFree
CloseHandle
SuspendThread
GetTickCount
QueryPerformanceFrequency
IsDebuggerPresent
GetFullPathNameW
VirtualFree
GetFileSize
GetProcessHeap
HeapAlloc
GetStartupInfoW
ExitProcess
InitializeCriticalSection
GetCPInfoExW
GetThreadPriority
GetCurrentProcess
SetThreadPriority
VirtualAlloc
RtlUnwind
GetCPInfo
GetSystemInfo
GetCommandLineW
ResumeThread
GetProcAddress
LeaveCriticalSection
EnumSystemLocalesW
GetStdHandle
GetVersionExW
VerifyVersionInfoW
GetModuleHandleW
FreeLibrary
HeapCreate
HeapDestroy
ReadFile
LCMapStringW
GetDiskFreeSpaceW
VerSetConditionMask
GetUserDefaultUILanguage
FindFirstFileW
GetConsoleOutputCP
GetConsoleCP
SetLastError
GetModuleFileNameW
GetLastError
lstrlenW
QueryPerformanceCounter
SetEndOfFile
CompareStringW
CreateThread
HeapFree
WideCharToMultiByte
MultiByteToWideChar
FindClose
LoadLibraryW
LoadLibraryA
ResetEvent
SetEvent
CreateFileW
GetLocaleInfoW
GetVersion
RaiseException
IsDBCSLeadByteEx
FormatMessageW
SwitchToThread
GetExitCodeThread
GetLocalTime
WaitForSingleObject
GetCurrentThread
WriteFile
ExitThread
DeleteCriticalSection
GetDateFormatW
TlsGetValue
IsValidLocale
TlsSetValue
GetSystemDefaultUILanguage
LoadLibraryExW
EnumCalendarInfoW
LocalAlloc
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
CreateEventW
VirtualQueryEx
GetThreadLocale
SetThreadLocale
Sleep

user32

CharUpperBuffW
CharNextW
MsgWaitForMultipleObjects
CharLowerBuffW
LoadStringW
CharUpperW
PeekMessageW
GetSystemMetrics
MessageBoxW

oleaut32

SysAllocStringLen
SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
VariantClear
SysFreeString
SysReAllocStringLen
VariantChangeType
SafeArrayCreate

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 848KB - Virtual size: 847KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 26KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 490B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 32B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e1d3d4d2254a4f1417b84d03a532a9a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 848KB - Virtual size: 847KB

.itext Size: 7KB - Virtual size: 7KB

.data Size: 15KB - Virtual size: 15KB

.bss Size: - Virtual size: 26KB

.idata Size: 3KB - Virtual size: 3KB

.didata Size: 512B - Virtual size: 490B

.edata Size: 512B - Virtual size: 121B

.tls Size: - Virtual size: 32B

.rdata Size: 512B - Virtual size: 93B

.reloc Size: 78KB - Virtual size: 78KB

.rsrc Size: 11KB - Virtual size: 11KB

.debug Size: 3.8MB - Virtual size: 3.8MB

.text
Size: 848KB - Virtual size: 847KB

.itext
Size: 7KB - Virtual size: 7KB

.data
Size: 15KB - Virtual size: 15KB

.bss
Size: - Virtual size: 26KB

.idata
Size: 3KB - Virtual size: 3KB

.didata
Size: 512B - Virtual size: 490B

.edata
Size: 512B - Virtual size: 121B

.tls
Size: - Virtual size: 32B

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 11KB - Virtual size: 11KB

.debug
Size: 3.8MB - Virtual size: 3.8MB