46ef3c8300d94ee30477e91af51292b707075bcc55a2d30a47338422c2f88bb8[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

46ef3c8300d94ee30477e91af51292b707075bcc55a2d30a47338422c2f88bb8.exe
Size

193KB
MD5

ec968ef4f284d6f78f7febbf47a53e55
SHA1

150212737147274f9da79644a781f1d7b2dac843
SHA256

46ef3c8300d94ee30477e91af51292b707075bcc55a2d30a47338422c2f88bb8
SHA512

9bc8090120a503d43d0811642596cf70cee1fcbaaf536feb033000dc009a09d056df77a2bfbcae3113d2546987867c8007a73cfdf88ffb10fac0c9395ea0854c
SSDEEP

3072:pdw8KI2FAwZXhgEYHTWglAGib6nYNw56Fdw0wAIFhgJTZO9/6OCTMFkp35:pd5hMWNHrlabBw5OwA49ijTGe5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46ef3c8300d94ee30477e91af51292b707075bcc55a2d30a47338422c2f88bb8.exe

Files

46ef3c8300d94ee30477e91af51292b707075bcc55a2d30a47338422c2f88bb8.exe
.exe windows:4 windows x86 arch:x86

d8e381cb8ed27127a4cc6359b9e030b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueA

gdi32

SetStretchBltMode
GetStockObject
CreateFontA
StretchDIBits
RealizePalette
CreateDIBitmap
SelectObject
BitBlt
DeleteDC
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
SelectPalette
GetDIBits
CreateDIBSection
DeleteObject
ExtEscape
GetDeviceCaps
SetBkMode

user32

GetWindowTextLengthA
IsChild
GetWindowTextA
ReleaseCapture
DispatchMessageA
SendMessageTimeoutA
SendNotifyMessageA
PostMessageA
SetFocus
CopyRect
wvsprintfA
SetCapture
GetClassInfoExA
CharNextA
GetClientRect
FindWindowA
IsWindow
RegisterClassExA
SetWindowTextA
PostThreadMessageA
GetWindowLongA
GetDC
GetActiveWindow
SetParent
UnregisterClassA
DefWindowProcA
RegisterWindowMessageA
SetTimer
EnumDisplayDevicesA
EndPaint
ReleaseDC
ShowWindow
DestroyWindow
CallWindowProcA
GetWindow
GetParent
LoadCursorA
MoveWindow
GetDesktopWindow
KillTimer
RedrawWindow
InvalidateRect
CreateWindowExA
CreateDialogParamA
BeginPaint
SendMessageA
EqualRect
GetWindowRect
GetDlgItem
GetSysColor
FillRect
MsgWaitForMultipleObjects
SetWindowLongA
PeekMessageA
DrawTextA
DestroyAcceleratorTable
GetFocus
CreateAcceleratorTableA
GetQueueStatus
InvalidateRgn
wsprintfA
SetRect
GetClassNameA
SetWindowPos

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

kernel32

GetLongPathNameW
GlobalFree
GetTickCount
CreateFileMappingA
UnmapViewOfFile
GetProcessId
GlobalSize
WriteFile
WideCharToMultiByte
GetFileSize
LocalFree
SetFilePointer
CreateFileW
EnumResourceTypesA
ReadFile
Sleep
GetFileAttributesA
DisableThreadLibraryCalls
MapViewOfFile
GlobalAlloc
LocalAlloc
CreateFileA
CloseHandle

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

advapi32

RegCreateKeyExA
CryptCreateHash
RegQueryValueExA
CryptEncrypt
RegQueryInfoKeyA
RegEnumValueA
CryptReleaseContext
RegDeleteValueA
RegOpenKeyExA
CryptImportKey
CryptGetHashParam
RegEnumKeyExA
CryptHashData
CryptAcquireContextA
RegSetValueExA
CryptDestroyHash
CryptDestroyKey
RegCloseKey
RegDeleteKeyA

ole32

CreateStreamOnHGlobal
CreateItemMoniker
StgCreateDocfile
StringFromGUID2
CreateBindCtx
StgIsStorageFile
CoInitialize
CoUninitialize
CoTaskMemRealloc
OleInitialize
OleUninitialize
StgOpenStorage
BindMoniker
CoTaskMemAlloc
CoGetClassObject
GetRunningObjectTable
CoSetProxyBlanket
CLSIDFromProgID
OleLockRunning
CoInitializeSecurity
CoCreateInstance
CoTaskMemFree
CLSIDFromString

winmm

timeGetTime
timeSetEvent

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

shlwapi

PathFileExistsW
PathCombineW

gdiplus

GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipFree
GdipAlloc
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCloneImage

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8e381cb8ed27127a4cc6359b9e030b3

Headers

File Characteristics

Imports

version

gdi32

user32

setupapi

kernel32

wininet

advapi32

ole32

winmm

shell32

shlwapi

gdiplus

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 77KB - Virtual size: 76KB

.tls Size: 1024B - Virtual size: 108KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 77KB - Virtual size: 76KB

.tls
Size: 1024B - Virtual size: 108KB