852146a0967accb1232f4a3c74215f5d

Sharing

Copy URL

Twitter E-mail

General

Target

852146a0967accb1232f4a3c74215f5d
Size

238KB
MD5

852146a0967accb1232f4a3c74215f5d
SHA1

0deb7cf27853f8bf5ec975883d3d9a2f14ddcc34
SHA256

bd56bbb2cdedd54f1c768ca9140d09bd551139148f0f4acf7d29c5290c22a635
SHA512

6db86f7a2746e53022c69f02087a9833c30d7543b2395c01351e1867d6cdac0d692a2669eb0a9911b02e84e87ab45276cd7ede61124e8cadbfb62d886c1a6651
SSDEEP

3072:Rbdy7+tiugMV7vkBl3kXJALK4tLOW0e3u8:Rs7qV7sBuJqK4dOW0e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
852146a0967accb1232f4a3c74215f5d

Files

852146a0967accb1232f4a3c74215f5d
.exe windows:4 windows x86 arch:x86

65150fafe026de015358a41a7d8b49be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
GetEnvironmentStrings
SetStdHandle
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
SetHandleCount
GetProcAddress
GetStdHandle
GetFileType
RtlUnwind
WriteFile
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
ExitProcess
GetCommandLineA
GetCurrentProcess
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetModuleHandleA
LocalAlloc
LoadLibraryA
LocalFree
GetVersion
GetCommandLineW
HeapReAlloc
GetStartupInfoA
HeapFree
HeapAlloc
CloseHandle

user32

GetDlgItemTextW
LoadCursorA
InflateRect
SetWindowTextA
SendMessageA
DialogBoxIndirectParamA
LoadIconW
RegisterClassExW
CreateDialogParamW
ShowWindow
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
DefWindowProcW
DialogBoxParamW
SetDlgItemTextW
GetWindowRect
OffsetRect
GetSystemMetrics
MoveWindow
GetDlgItem
LoadCursorW
GetSysColorBrush
GetSysColor
ChildWindowFromPoint
InvalidateRect
SetCursor
MessageBoxW
EndDialog

gdi32

SetBkMode
GetDeviceCaps
SetMapMode
StartDocA
StartPage
EndPage
EndDoc
GetStockObject
GetObjectW
CreateFontIndirectW
SetTextColor
SelectObject

comdlg32

PrintDlgA

advapi32

RegCloseKey
RegCreateKeyA
RegQueryValueExA
RegSetValueExA
OpenProcessToken
GetTokenInformation
LookupAccountSidW
RegQueryValueExW
RegOpenKeyW
RegSetValueExW
LsaOpenPolicy
LsaStorePrivateData
RegDeleteValueW
LsaClose

shell32

CommandLineToArgvW
ShellExecuteW

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65150fafe026de015358a41a7d8b49be

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 112KB - Virtual size: 113KB

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 112KB - Virtual size: 113KB

.rsrc
Size: 92KB - Virtual size: 92KB