15269471db25589549d337a23d0bc948

Sharing

Copy URL Twitter E-mail

General

Target

15269471db25589549d337a23d0bc948
Size

119KB
MD5

15269471db25589549d337a23d0bc948
SHA1

cc73e438259cd3bacbc809ff17ce588a142c577a
SHA256

6d950f293179a85746e951acbc039d72d382cfb1525ecf618f16a309c5e971a9
SHA512

0081165fb1362944c923a33fe28b6bde03f3e43dd8962970e13b01368477a770a3ee6b3afe100f6098e75255a630b393ecaae27fc74440a9563a17993f4f5c50
SSDEEP

3072:fN809TVEz1xoGIbf6FoZdc6y7D4AbZuOAr5:RdVaoGPQc6yHv1Ar5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15269471db25589549d337a23d0bc948

Files

15269471db25589549d337a23d0bc948
.exe windows:1 windows x86 arch:x86

28a534d5b0d784d319193c60b8c4972d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

Beep
FreeLibrary
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetTickCount
GetUserDefaultLCID
GetVersion
GetWindowsDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
GlobalFindAtomA
LoadLibraryA
OpenFile
SetThreadLocale
Sleep
WritePrivateProfileStringA
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteFileA
DosDateTimeToFileTime
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
GetCPInfo
GetCommandLineA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesA
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStdHandle
GetTickCount
GetTimeZoneInformation
GetVersion
LoadLibraryA
LocalFileTimeToFileTime
ReadConsoleInputA
ReadFile
ReleaseMutex
SetConsoleCtrlHandler
SetConsoleMode
SetCurrentDirectoryA
SetEvent
SetFilePointer
SetStdHandle
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteFile

gdi32

GetStockObject
GetTextExtentPointA
GetTextMetricsA
SelectObject
SetBkColor
SetTextColor
TextOutA

user32

BeginPaint
CheckDlgButton
CreateCaret
CreateWindowExA
DefWindowProcA
DestroyCaret
DialogBoxParamA
DispatchMessageA
EndDialog
EndPaint
EnumWindows
GetClassLongA
GetClassNameA
GetClientRect
GetDC
GetDlgItemInt
GetDlgItemTextA
GetMessageA
GetWindowLongA
GetWindowRect
GetWindowTextA
IsDlgButtonChecked
LoadCursorA
LoadIconA
LoadStringA
MessageBeep
MessageBoxA
PeekMessageA
PostMessageA
PostQuitMessage
RegisterClassA
ReleaseDC
SendDlgItemMessageA
SetCaretPos
SetDlgItemInt
SetDlgItemTextA
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowCaret
ShowWindow
TranslateMessage
UpdateWindow
WinHelpA
GetActiveWindow
wsprintfA

Sections

BEGTEXT
Size: 89KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 15KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 14KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28a534d5b0d784d319193c60b8c4972d

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

Sections

BEGTEXT Size: 89KB - Virtual size:

DGROUP Size: 15KB - Virtual size:

.bss Size: 14KB - Virtual size:

.idata Size: 3KB - Virtual size:

.reloc Size: 8KB - Virtual size:

.rsrc Size: 2KB - Virtual size:

BEGTEXT
Size: 89KB - Virtual size:

DGROUP
Size: 15KB - Virtual size:

.bss
Size: 14KB - Virtual size:

.idata
Size: 3KB - Virtual size:

.reloc
Size: 8KB - Virtual size:

.rsrc
Size: 2KB - Virtual size: