4f43e4aee8ff9639125699ea3d40104c439e7a66d65d653a4155c3c22587af4c[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

4f43e4aee8ff9639125699ea3d40104c439e7a66d65d653a4155c3c22587af4c.exe
Size

101KB
MD5

52950f24f53e9d79469ead7095709321
SHA1

6a03ab8d439a55e77679f73c24f9d46192ea20cd
SHA256

4f43e4aee8ff9639125699ea3d40104c439e7a66d65d653a4155c3c22587af4c
SHA512

2ef4529720116ce771577ac345f9c2d1fb5521f2724bf1a553756087ae33505f0d5cf673e00a8adcf07cb3a4719f6f000e8b8c38c168ec0878cc461e5226d1ec
SSDEEP

3072:FqKRjqCvdTNKB5LwlhxLSIjOlUyPMkV3q+:HRuCvdcTChdSIjOjI+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f43e4aee8ff9639125699ea3d40104c439e7a66d65d653a4155c3c22587af4c.exe

Files

4f43e4aee8ff9639125699ea3d40104c439e7a66d65d653a4155c3c22587af4c.exe
.exe windows:5 windows x86 arch:x86

869d84815c81bd036bd2e3278bfd7909

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
FormatMessageW
GlobalUnlock
GetEnvironmentStringsW
FileTimeToSystemTime
GetSystemTimeAsFileTime
GlobalFree
SetLastError
GetTickCount
GetComputerNameW
OutputDebugStringW
GetCurrentProcess
LoadLibraryW
lstrcmpiW
GlobalLock
DeleteCriticalSection
lstrlenW
InterlockedDecrement
IsBadReadPtr
GetSystemWindowsDirectoryW
QueryPerformanceCounter
lstrcpyW
RemoveDirectoryA
WideCharToMultiByte
GetLastError
FileTimeToLocalFileTime
GetSystemDefaultLangID
GetDateFormatW
InitializeCriticalSection
CloseHandle
GetModuleFileNameW
GetCPInfo
SetUnhandledExceptionFilter
LocalFree
GetProcAddress
GlobalAlloc
GetStartupInfoA
OutputDebugStringA
GetModuleHandleA
LocalReAlloc
CreateFileW

msvcrt

free
??1type_info@@UAE@XZ
??2@YAPAXI@Z
wcslen
wcsstr
wcsrchr
??3@YAXPAX@Z
_initterm
?terminate@@YAXXZ
wcscpy
_except_handler3
wcscmp
_adjust_fdiv
wcscat
mbstowcs
__dllonexit
wcschr
_onexit
wcstoul
memmove
__RTDynamicCast
_wcsupr
vswprintf
_wcsicmp
malloc

user32

SendDlgItemMessageW
LoadImageW
SetFocus
GetParent
SetWindowTextW
GetDlgItem
LoadIconW
SendMessageW
GetWindowLongW
InsertMenuItemW
LoadCursorW
EndDialog
ReleaseDC
SetCursor
SetDlgItemTextW
PostMessageW
DialogBoxParamW
WinHelpW
GetDC
MessageBoxW
LoadStringW
SystemParametersInfoW
SetWindowLongW
GetDlgItemTextA
EnableWindow
LoadBitmapW
RegisterClipboardFormatW
wsprintfW

advapi32

RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW

certcli

CAFreeCAProperty
CAGetCertTypeExtensions
CAGetCertTypeKeySpec
CAFreeCertTypeExtensions
CAEnumCertTypesForCA
CAFindCertTypeByName
CAEnumNextCertType
CASetCertTypeExtension
CAAddCACertificateType
CAUpdateCA
CAFindByName
CAFreeCertTypeProperty
CACloseCA
CASetCertTypeProperty
CACloseCertType
CACreateCertType
CASetCertTypeKeySpec
CAGetCAProperty
CAGetCertTypeFlags
CAGetCertTypePropertyEx
CAGetCertTypeProperty
CACertTypeGetSecurity
CACertTypeSetSecurity
CASetCertTypeFlags
CAUpdateCertType
CARemoveCACertificateType
CAEnumCertTypes

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

869d84815c81bd036bd2e3278bfd7909

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

certcli

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 117KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 117KB

.rsrc
Size: 23KB - Virtual size: 22KB