e450920dad96f33984b93ba62b5950f7d147e1f23a8be52ed906148ede2420c1

Sharing

Copy URL Twitter E-mail

General

Target

e450920dad96f33984b93ba62b5950f7d147e1f23a8be52ed906148ede2420c1
Size

72KB
MD5

048438016df3be7e7c7fe4c4fd27be9e
SHA1

08aedf68dc7c5f1426cb8f5ea68862824d8f27aa
SHA256

e450920dad96f33984b93ba62b5950f7d147e1f23a8be52ed906148ede2420c1
SHA512

ea9b141840066ef9a23d7b3a0b8e5ab6b73ae4194d60d2597fd79e2240a653363200d813943174e1fea4fa998ef059f6bf07d78748f792a3c3e69da18c5207e5
SSDEEP

1536:LhtXECzrtE4TLHyMhEIWx1b7hEHrAObrX0URu:LhxSzsDq7hqrAObrX0URu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e450920dad96f33984b93ba62b5950f7d147e1f23a8be52ed906148ede2420c1

Files

e450920dad96f33984b93ba62b5950f7d147e1f23a8be52ed906148ede2420c1
.exe windows:4 windows x86

3752d00b0d4fff795a7ef05ff901c030

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleRun
CoUninitialize
CoInitialize

kernel32

CloseHandle
GetDateFormatA
GetTimeFormatA
GetLocalTime
GetModuleHandleA
GetProcAddress
lstrcpyn
MultiByteToWideChar
CreatePipe
CreateProcessW
PeekNamedPipe
ReadFile
GetExitCodeProcess
Sleep
GetProcessHeap
ExitProcess
HeapAlloc
SetWaitableTimer
HeapFree
IsBadReadPtr
LocalFree
GetCommandLineW
GetModuleFileNameA
WriteFile
CreateFileA
GetPrivateProfileStringA
DeleteFileA
WaitForSingleObject
CreateProcessA
GetStartupInfoA
GetFileSize
GetVersionExA
GetUserDefaultLCID
FreeLibrary
LoadLibraryA
LCMapStringA
CreateWaitableTimerA
WideCharToMultiByte
lstrlenW
GetTickCount
GetCurrentProcessId
HeapReAlloc

user32

DispatchMessageA
wsprintfA
MessageBoxA
CallWindowProcA
WaitForInputIdle
MsgWaitForMultipleObjects
TranslateMessage
GetClassNameA
GetParent
GetWindowThreadProcessId
IsWindowVisible
FindWindowExA
MessageBoxTimeoutA
GetMessageA
PeekMessageA
GetWindowTextLengthW
GetWindowTextW

oleaut32

SafeArrayCreate
VariantCopy
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
VariantChangeType
VarR8FromBool
VarR8FromCy
SysFreeString
SafeArrayGetElemsize
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantInit
SysAllocString
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime

advapi32

RegCreateKeyA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
RegFlushKey
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

msvcrt

??3@YAXPAX@Z
strchr
??2@YAPAXI@Z
sprintf
free
malloc
atoi
strncpy
memmove
realloc
strncmp
_ftol
modf
__CxxFrameHandler
_stricmp

shell32

CommandLineToArgvW

shlwapi

PathFileExistsA

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3752d00b0d4fff795a7ef05ff901c030

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

msvcrt

shell32

shlwapi

Sections

.text Size: 59KB - Virtual size: 59KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 52KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 52KB

.rsrc
Size: 4KB - Virtual size: 4KB