4b8c442b1837e1e77eda64be3ba380f45854602c69b5d4c451d086b63dad1e20[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

4b8c442b1837e1e77eda64be3ba380f45854602c69b5d4c451d086b63dad1e20.exe
Size

1.6MB
MD5

d0a3c6b113b5d14c133ed1a2ad57cc67
SHA1

64bc22486a0a42150e7bbf7cdb80fc9236ebf130
SHA256

4b8c442b1837e1e77eda64be3ba380f45854602c69b5d4c451d086b63dad1e20
SHA512

a3023b2c9bc2e64e79fe28540e67cffa9db71f61264244539790ed7b27a6f2bcab0fadfbb9970a2f87a1fb4f38d66534d733dd2b631471534799970b426c5c70
SSDEEP

24576:22XPYXKNix826VDebc46vVa4eZwq86QAhhUkXuMDtz6BlgF:3YXGUQVDebcFvVa4eZw6QAhukeMJz66F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b8c442b1837e1e77eda64be3ba380f45854602c69b5d4c451d086b63dad1e20.exe

Files

4b8c442b1837e1e77eda64be3ba380f45854602c69b5d4c451d086b63dad1e20.exe
.exe windows:5 windows x86 arch:x86

12264006a4dd1735b47f82b81b998cfb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\dd\xcp\Silverlight\Desktop_RET\Sllauncher.pdb

Imports

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken
GetTokenInformation
GetKernelObjectSecurity
GetAclInformation
CreateRestrictedToken
CopySid
EqualSid
CreateProcessAsUserW
SetTokenInformation
LookupPrivilegeValueW
GetAce
InitializeAcl
AddAccessAllowedAce
IsValidSid
AddAce
GetLengthSid
GetSecurityDescriptorDacl
CreateWellKnownSid
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW

kernel32

GetLastError
GetStartupInfoW
GetModuleFileNameW
GetCurrentProcess
IsDebuggerPresent
GetProcAddress
LoadLibraryW
FreeLibrary
GetCommandLineW
RemoveDirectoryW
SetEnvironmentVariableA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
CreateFileW
ReadFile
GetVersionExW
WriteFile
GetModuleHandleW
SetEnvironmentVariableW
SetFilePointer
GetFileSize
CloseHandle
MultiByteToWideChar
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
InterlockedIncrement
GlobalUnlock
GlobalLock
GlobalAlloc
SetLastError
GlobalAddAtomW
GlobalGetAtomNameW
GetCurrentProcessId
lstrlenW
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GetCurrentThreadId
FreeResource
GetThreadLocale
FileTimeToSystemTime
MulDiv
LocalFree
FormatMessageW
GlobalFree
InterlockedDecrement
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GlobalFlags
lstrlenA
GetModuleHandleA
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
WritePrivateProfileStringW
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA

user32

GetClientRect
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
SetCapture
GetDesktopWindow
SetWindowPos
SetFocus
ReleaseCapture
TranslateAcceleratorW
ShowWindow
GetWindow
SetMenu
BringWindowToTop
GetLastActivePopup
GetMenu
SetRectEmpty
GetClassInfoW
CreatePopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
InsertMenuItemW
LoadAcceleratorsW
GetCapture
PeekMessageW
SetCursor
LoadIconW
GetKeyState
GetDlgCtrlID
SetWindowLongW
GetDlgItem
GetActiveWindow
GetWindowThreadProcessId
WinHelpW
DestroyMenu
LoadMenuW
ReuseDDElParam
UnpackDDElParam
GetSysColor
GetClassNameW
GetWindowPlacement
SystemParametersInfoA
PtInRect
CallWindowProcW
DefWindowProcW
SetWindowPlacement
DeferWindowPos
ScreenToClient
RegisterClassW
GetClassInfoExW
CreateWindowExW
SetForegroundWindow
TrackPopupMenu
CopyAcceleratorTableW
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageW
GetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
IsChild
SendDlgItemMessageA
SendDlgItemMessageW
IsWindowEnabled
InflateRect
GetMenuItemInfoW
IsDialogMessageW
SetWindowTextW
MoveWindow
PostQuitMessage
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
ValidateRect
GetCursorPos
TranslateMessage
GetMessageW
RegisterClipboardFormatW
ClientToScreen
GetSysColorBrush
LoadCursorW
CharNextW
FillRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetWindowDC
BeginPaint
EndPaint
UnregisterClassW
CharUpperW
GetNextDlgGroupItem
GetNextDlgTabItem
MessageBeep
PostThreadMessageW
EndDialog
CreateDialogIndirectParamW
CopyRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
GetMenuState
GetSystemMetrics
AdjustWindowRectEx
SetMenuDefaultItem
FlashWindow
DrawMenuBar
MonitorFromWindow
EnableMenuItem
SystemParametersInfoW
GetWindowInfo
IsZoomed
PostMessageW
LoadImageW
IsIconic
SetActiveWindow
GetWindowRect
GetSystemMenu
SetWindowRgn
UpdateWindow
MessageBoxW
RegisterWindowMessageW
WaitForInputIdle
EqualRect
GetWindowLongW
IntersectRect
OffsetRect
SetRect
IsWindow
IsRectEmpty
CheckMenuItem
IsWindowVisible
SendMessageW
EnableWindow
GetMonitorInfoW

gdi32

GetRgnBox
CreateCompatibleBitmap
CreateBitmap
GetClipBox
SetTextColor
CreateCompatibleDC
CreateRectRgnIndirect
GetMapMode
CreateSolidBrush
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
CreateRectRgn
CreateRoundRectRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
DeleteObject
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateFontIndirectW
GetDeviceCaps
GetObjectW
SetBkColor

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

shlwapi

PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathCombineW
PathRemoveFileSpecW
PathIsUNCW

shell32

DragFinish
DragQueryFileW
SHGetFolderPathW
SHFileOperationW
CommandLineToArgvW

ole32

CLSIDFromString
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemFree
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc
CoInitialize
CoUninitialize

comdlg32

GetFileTitleW

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SysFreeString
OleCreateFontIndirect
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
SysAllocStringLen
SysAllocString
SysStringLen
VariantClear

oledlg

OleUIBusyW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Exports

Exports

GetWindowInterface

Sections

.text
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.3MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

12264006a4dd1735b47f82b81b998cfb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

user32

gdi32

winspool.drv

shlwapi

shell32

ole32

comdlg32

oleaut32

oledlg

version

Exports

Exports

Sections

.text Size: 309KB - Virtual size: 308KB

.data Size: 11KB - Virtual size: 26KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 1.3MB - Virtual size: 1.9MB

.text
Size: 309KB - Virtual size: 308KB

.data
Size: 11KB - Virtual size: 26KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 1.3MB - Virtual size: 1.9MB