134a792ef3904dcd2389aad569f93025

Sharing

Copy URL Twitter E-mail

General

Target

134a792ef3904dcd2389aad569f93025
Size

52KB
MD5

134a792ef3904dcd2389aad569f93025
SHA1

7a38c7116c172afc76b610ec6c80a3a3b42f58d0
SHA256

cf3f9cebe1e878528d5cf8a05b9b873c4409fab11c80590fe6179d80cc03fca0
SHA512

2029293df1400f7b97119995c87e5ec734741f08b1f5c134be83ed1a85915e6cb767ee770384398690e85972629e3ef35f5736515b872d9d1472b60dfd574e9c
SSDEEP

768:6A/neiUl9juuKH73poaXJGdzA81vzb2fYVB265n1W:6A/eio92pLZiz9bgYD2in1W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
134a792ef3904dcd2389aad569f93025

Files

134a792ef3904dcd2389aad569f93025
.exe windows:4 windows x86 arch:x86

42a5485b2a1ad0e7c6fe9f4af8ebd25b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuItemInfoA
GetMessageA
GetDoubleClickTime
SetTimer
KillTimer
SetForegroundWindow
GetWindow
DefWindowProcA
CheckMenuRadioItem
IsDlgButtonChecked
SetMenuItemInfoA
PostMessageA
CheckDlgButton
GetDlgItem
CreatePopupMenu
LoadImageA
DestroyIcon
wsprintfA
AppendMenuA
GetCursorPos
TrackPopupMenu
InvalidateRect
PostQuitMessage
ShowWindow
WinHelpA
DestroyWindow
FindWindowA
LoadCursorA
RegisterClassA
RegisterWindowMessageA
RegisterDeviceNotificationA
UnregisterDeviceNotification
SetMenuDefaultItem
DestroyMenu
LoadStringA
IsDialogMessageA
CreateDialogParamA
DispatchMessageA
TranslateMessage
SendMessageA

kernel32

GetProcAddress
OpenFile
GlobalFree
FreeLibrary
DeviceIoControl
lstrcatA
LocalAlloc
GlobalAlloc
GlobalLock
lstrcmpA
GlobalUnlock
GlobalHandle
WinExec
CreateFileA
ExitProcess
lstrcmpiA
lstrcpyA
LoadLibraryA
lstrlenA
FormatMessageA
lstrcpynA
LocalFree
CloseHandle
GetCommandLineA
GetStartupInfoA
GetModuleHandleA

shell32

Shell_NotifyIconA
ShellExecuteA

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA

winmm

mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerGetDevCapsA
mixerGetNumDevs
waveOutGetNumDevs
waveOutGetDevCapsA
waveOutMessage
mixerGetID
mixerClose
mixerOpen
mixerMessage

batmeter

CreateBatMeter
BatMeterCapabilities
UpdateBatMeter
DestroyBatMeter

powrprof

WriteGlobalPwrPolicy
EnumPwrSchemes
GetActivePwrScheme
ReadGlobalPwrPolicy
SetActivePwrScheme

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

GPIMCDE
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

42a5485b2a1ad0e7c6fe9f4af8ebd25b

Headers

File Characteristics

Imports

user32

kernel32

shell32

advapi32

winmm

batmeter

powrprof

Sections

.text Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 556B

.rsrc Size: 8KB - Virtual size: 8KB

GPIMCDE Size: 20KB - Virtual size: 20KB

.text
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 556B

.rsrc
Size: 8KB - Virtual size: 8KB

GPIMCDE
Size: 20KB - Virtual size: 20KB