80c131becfed51365705c46b4d54f2f79ea75cfc864a88b43f58396c0cbb571c

General

Target

80c131becfed51365705c46b4d54f2f79ea75cfc864a88b43f58396c0cbb571c
Size

132KB
MD5

063622ac3f6354a315154ca544a23a0b
SHA1

f22058e785e72876833aa9d904194b82968a4d99
SHA256

80c131becfed51365705c46b4d54f2f79ea75cfc864a88b43f58396c0cbb571c
SHA512

2e7242ec73c2673437866ac192d61b73107f262ba29396e602aa6d96f4b69896811d036d4cf097e07444ddb7e1c60440d7389e8e26e2adec9adca77d137a0341
SSDEEP

1536:K9nh1ngy5VXsF+W5caQPY7vHZ2QvmGWFo0OFqdLaHLQjt9dqixIiuPfHNLaMNCMz:I6CVXsF+aTbeGWFo7tHLQR98wI8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
80c131becfed51365705c46b4d54f2f79ea75cfc864a88b43f58396c0cbb571c

Files

80c131becfed51365705c46b4d54f2f79ea75cfc864a88b43f58396c0cbb571c
.exe windows x86

99fdaccf579496d04c798fcfa0d5e629

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
FindResourceA
FreeLibrary
GetModuleHandleA
LoadResource
SizeofResource
LockResource
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
RaiseException
GetProcAddress
WriteFile
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
SetThreadPriority
CreateThread
Sleep
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetStringTypeW

user32

CreateDialogParamA
DestroyWindow
DispatchMessageA
GetDlgItem
GetMessageA
GetWindowTextA
InvalidateRect
TranslateMessage
SetWindowTextA
SendMessageA
PostQuitMessage
PostMessageA
LoadIconA

winmm

waveOutPrepareHeader
waveOutOpen
waveOutClose
waveOutReset
waveOutUnprepareHeader
waveOutGetPosition
waveOutWrite

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fhxmecg
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

99fdaccf579496d04c798fcfa0d5e629

Headers

File Characteristics

Imports

kernel32

user32

winmm

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 33KB

.rsrc Size: 72KB - Virtual size: 72KB

fhxmecg Size: - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 33KB

.rsrc
Size: 72KB - Virtual size: 72KB

fhxmecg
Size: - Virtual size: 4KB