48974dd06ef7e2587826fb6d0e4fe7b0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

48974dd06ef7e2587826fb6d0e4fe7b0.exe
Size

352KB
MD5

48974dd06ef7e2587826fb6d0e4fe7b0
SHA1

574a56950ab7f860b9a34238058bdd57958222db
SHA256

5acd0b023bd7da111dc456b74894af78e3355c4ed8a7e87fab9068e70fbc2268
SHA512

9672cc8820a63489992200778a2cdb5f73afc344db0462efbba1b592bdc042a6e7e50cf837faa283c3186dcf2d5656a5c7b067294db28dcf302981714cd7a992
SSDEEP

6144:e8ubWcC2hsfVfLg5+fTFZH/IWCvHRfdh8tkS8R9SqtJCAxAYUSEy9AfC0v:etSIhsRLE+fTFZgnvxfdh8tnDs0wAfSO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48974dd06ef7e2587826fb6d0e4fe7b0.exe

Files

48974dd06ef7e2587826fb6d0e4fe7b0.exe
.exe windows:4 windows x86 arch:x86

bef40bc1b92b46a02b66ed837f361d00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetApiBufferFree
DsGetDcNameW

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum

user32

GetFocus
RemovePropW
DestroyWindow
SetWindowPos
RegisterWindowMessageW
CheckMenuItem
PtInRect
IsWindow
GetClassInfoExW
DefWindowProcW
SetWindowTextW
LoadBitmapW
GetMenuItemCount
SendMessageW
GetWindow
CreateWindowExW
GetTopWindow
GrayStringW
LoadCursorW
TabbedTextOutW
GetMenuCheckMarkDimensions
GetMessagePos
GetActiveWindow
GetMessageTime
SystemParametersInfoA
SetWindowLongW
GetSysColor
CallNextHookEx
GetMenuItemID
DispatchMessageW
GetSubMenu
GetForegroundWindow
GetWindowTextW
GetKeyState
PeekMessageW
ValidateRect
ReleaseDC
GetCapture
GetClassLongW
GetClassInfoW
LoadIconW
GetSysColorBrush
EnableWindow
SetMenu
SetCursor
AdjustWindowRectEx
CopyRect
GetMenu
SetWindowsHookExW
IsWindowVisible
CallWindowProcW
EnableMenuItem
PostMessageW
GetWindowLongW
DrawTextW
GetClassNameW
ModifyMenuW
GetWindowPlacement
GetDC
GetMenuState
MessageBoxW
UnhookWindowsHookEx
GetMessageW
GetPropW
GetWindowRect
GetClientRect
SetMenuItemBitmaps
ShowWindow
GetCursorPos
GetWindowThreadProcessId
RegisterClassW
GetSystemMetrics
ClientToScreen
IsIconic
DrawTextExW
SetPropW
WinHelpW
GetDlgItem
DestroyMenu
GetDlgCtrlID
IsWindowEnabled
GetLastActivePopup
TranslateMessage
MapWindowPoints

advapi32

EqualSid
ConvertStringSidToSidW
GetNamedSecurityInfoW
LookupAccountSidW
LookupAccountNameW
RegCloseKey
InitializeAcl
ConvertSidToStringSidW
RegEnumKeyW
RegQueryValueW
CopySid
RegOpenKeyExW
LookupPrivilegeValueW
ConvertSecurityDescriptorToStringSecurityDescriptorW
AddAccessAllowedAce
AdjustTokenPrivileges
GetSecurityDescriptorControl
GetKernelObjectSecurity
SetSecurityInfo
DeleteAce
IsValidSecurityDescriptor
RegConnectRegistryW
OpenProcessToken
RegDeleteKeyW
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetLengthSid
MapGenericMask
RegSetValueExW
AddAce
GetAce
RegOpenKeyW
RegCreateKeyExW
SetNamedSecurityInfoW
RegEnumKeyExW
IsValidSid
SetEntriesInAclW
IsValidAcl
GetAclInformation
MakeAbsoluteSD

kernel32

LocalFree
RtlUnwind
LCMapStringW
GetModuleHandleA
FlushFileBuffers
FindResourceW
GetCommandLineW
DeleteCriticalSection
SetStdHandle
GetCurrentThread
HeapCreate
ReadFile
GlobalUnlock
IsValidCodePage
FindNextFileW
GetProcAddress
HeapSize
LoadLibraryExW
LoadResource
QueryPerformanceCounter
GlobalAlloc
SetFilePointer
FormatMessageW
TlsSetValue
GetConsoleMode
InterlockedExchange
LoadLibraryW
SetLastError
GetStringTypeA
lstrcmpA
GetConsoleOutputCP
GlobalAddAtomW
CreateFileW
LockResource
TlsAlloc
GetLocaleInfoW
GetModuleHandleW
lstrlenW
lstrlenA
HeapAlloc
GlobalFindAtomW
ExitProcess
GetFileType
GlobalReAlloc
GlobalFlags
EnumResourceLanguagesW
InterlockedDecrement
GetCurrentProcess
EnterCriticalSection
VirtualFree
FindFirstFileW
GlobalLock
GetSystemTimeAsFileTime
TlsGetValue
WriteConsoleA
Sleep
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
WriteFile
GlobalFree
GetCurrentThreadId
GetLocaleInfoA
CreateFileA
GetFileAttributesW
ConvertDefaultLocale
SetEndOfFile
InterlockedIncrement
GetOEMCP
GlobalHandle
HeapReAlloc
LeaveCriticalSection
WritePrivateProfileStringW
GetLastError
LoadLibraryA
GlobalDeleteAtom
TlsFree
WriteConsoleW
FreeEnvironmentStringsW
HeapFree
GetProcessHeap
GetStdHandle
GetVersionExW
FreeLibrary
GetCurrentProcessId
SetErrorMode
LocalReAlloc
GetModuleFileNameW
InitializeCriticalSection
CloseHandle
FindClose
SetUnhandledExceptionFilter
GetConsoleCP
GetEnvironmentStringsW
GetCPInfo
IsDebuggerPresent
SizeofResource
GetStartupInfoA
GetVersionExA
GetACP
lstrcmpW
LocalAlloc
LCMapStringA
RaiseException

oleaut32

VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bef40bc1b92b46a02b66ed837f361d00

Headers

File Characteristics

Imports

netapi32

mpr

user32

advapi32

kernel32

oleaut32

Sections

.text Size: 65KB - Virtual size: 68KB

.data Size: 253KB - Virtual size: 253KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: - Virtual size: 20KB

.idata Size: 6KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 65KB - Virtual size: 68KB

.data
Size: 253KB - Virtual size: 253KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: - Virtual size: 20KB

.idata
Size: 6KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 19KB - Virtual size: 19KB