4da48445c1133df69413d361291f036a237ad7c43a27ae5733367facea836620N

Sharing

Copy URL Twitter E-mail

General

Target

4da48445c1133df69413d361291f036a237ad7c43a27ae5733367facea836620N
Size

226KB
MD5

0360479902e22bcfbbb8652c0cf8c030
SHA1

c4c715bb6ab04d7578812668a41f7bf5bdc52eec
SHA256

4da48445c1133df69413d361291f036a237ad7c43a27ae5733367facea836620
SHA512

1ca97fa7ae014ccc98b20fc99d953e1c6dd7e51676acc5b6a6785b01edf39c8042628c97d60f018f29fcc50533dfe3d542c025116cc8106d6f69d37e905f1091
SSDEEP

6144:OQLxTJyLoJufTV/hYFBbXWzZ667E+wMLA8S:OQdJyfF2FBWzZz7Q/8S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4da48445c1133df69413d361291f036a237ad7c43a27ae5733367facea836620N

Files

4da48445c1133df69413d361291f036a237ad7c43a27ae5733367facea836620N
.exe windows:4 windows x86 arch:x86

0738877a14bae24c87c6ca7f4dc97038

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
_adjust_fdiv
__p__commode
wcsrchr
fclose
_wcsicmp
exit
fwprintf
_wcsnicmp
__p__fmode
__wgetmainargs
wcscmp
_controlfp
wcschr
_initterm
_cexit
_exit
_XcptFilter
_c_exit
wcscat
_except_handler3
__winitenv

kernel32

GetTempPathW
LocalFree
GetSystemTimeAsFileTime
FreeLibrary
lstrcpyW
CloseHandle
GetFullPathNameW
GetTickCount
lstrcpynW
FormatMessageW
GetProcAddress
GetCommandLineA
ExitProcess
GetLastError
GetCurrentProcess
UnhandledExceptionFilter
GetCurrentProcessId
lstrlenW
GetModuleHandleA
VirtualAlloc
VirtualFree
LoadLibraryW
QueryPerformanceCounter
FileTimeToSystemTime

advapi32

RegOpenKeyA
RegQueryValueA
RegCloseKey

gdi32

GetBrushOrgEx
GetCurrentPositionEx
LineTo
SelectClipRgn
GetObjectA
SetWinMetaFileBits
GetEnhMetaFileBits
GetWindowOrgEx
SetWindowOrgEx
SetViewportOrgEx
IntersectClipRect
SetBrushOrgEx
SetBkColor
GetClipBox
GetTextMetricsA
SaveDC
ExtCreatePen
CreatePenIndirect
CreateSolidBrush
GetDCOrgEx
RectVisible
SetROP2
CreateBitmap
BitBlt
CreateHalftonePalette
CreateDIBSection
GetWinMetaFileBits
ExcludeClipRect
CreateCompatibleDC
SetEnhMetaFileBits
CopyEnhMetaFileA
GetPaletteEntries
PolyPolyline
SetTextColor
CreateDIBitmap
MaskBlt
GetDIBits
SetStretchBltMode
DeleteObject
SetPixel
GetEnhMetaFileHeader
RealizePalette
SetViewportExtEx
GetSystemPaletteEntries
GetDeviceCaps

comctl32

ord17
ImageList_Destroy

shell32

Shell_NotifyIconA
SHFreeNameMappings

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0738877a14bae24c87c6ca7f4dc97038

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

gdi32

comctl32

shell32

winspool.drv

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 37KB - Virtual size: 39KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 37KB - Virtual size: 39KB

.rsrc
Size: 9KB - Virtual size: 9KB