1037bd8262069546496713402cc8d551da9136b7243914b2536f156b00c69db2

Sharing

Copy URL

Twitter E-mail

General

Target

1037bd8262069546496713402cc8d551da9136b7243914b2536f156b00c69db2
Size

1.4MB
MD5

87f870adbc5df839117c2452633a14c9
SHA1

47e90001bba832c6e91a3a9698ab9175ba6f6c57
SHA256

1037bd8262069546496713402cc8d551da9136b7243914b2536f156b00c69db2
SHA512

c5af404cf9c138a74dedd9fceb4565d469bf56a44e0342364236734b1dd68a1446117349872ffd1f41c3b090cce393ee0099e26a4e8cbf22480bd393b88da367
SSDEEP

24576:UX5d7dpAUuJM2WbO72JWNs4cJlztjqAFGGFFADxrz2hXCRTEtIzkM1EZSA4UZZxm:UgnJM2WC74We4ctjqAFJFaDlz2h+TEth

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1037bd8262069546496713402cc8d551da9136b7243914b2536f156b00c69db2

Files

1037bd8262069546496713402cc8d551da9136b7243914b2536f156b00c69db2
.exe windows:4 windows x86

e98a6778fb36e1f663d930769b09a4d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlMoveMemory
GetCurrentThreadId
SetHandleCount
LoadLibraryA
CreatePipe
CreateProcessA
CloseHandle
PeekNamedPipe
ReadFile
GetExitCodeProcess
GetEnvironmentVariableA
CreateWaitableTimerA
SetWaitableTimer
Sleep
CreateIoCompletionPort
GetQueuedCompletionStatus
CreateFileW
WriteFile
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetProcAddress
GetLocalTime
GetModuleFileNameA
GetTickCount
FreeLibrary
LCMapStringA
LocalSize
FlushFileBuffers
SetStdHandle
LCMapStringW
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetModuleHandleW
MultiByteToWideChar
GetVersionExA
GetLastError
TlsGetValue
SetLastError
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
DeleteCriticalSection
TlsSetValue
TlsAlloc

user32

GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
GetInputState
MsgWaitForMultipleObjects
WaitForInputIdle
GetClassNameA
GetAncestor
GetParent
DefWindowProcW
EndPaint
FillRect
BeginPaint
GetWindowThreadProcessId
SetFocus
SetForegroundWindow
BringWindowToTop
AttachThreadInput
IsZoomed
IsIconic
ShowWindow
SetWindowLongW
GetWindowLongW
DestroyIcon
CreateIconFromResource
RegisterClassExW
LoadCursorW
CreateWindowExW
GetSysColor
PeekMessageA

gdi32

DeleteObject
CreateSolidBrush

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e98a6778fb36e1f663d930769b09a4d2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

oleaut32

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 68KB - Virtual size: 66KB