026eb93a682bd0acd913792121ac9869

Sharing

Copy URL Twitter E-mail

General

Target

026eb93a682bd0acd913792121ac9869
Size

211KB
MD5

026eb93a682bd0acd913792121ac9869
SHA1

12652b57059750b22bc7604842838dab41e53a30
SHA256

f012b504b4cd295cdc67e623f07d2d3d295822a5835f22852866982412b8b767
SHA512

2b2057172485b8664361608032c2aa64d61dabd77b3e9d8134cf402f9dccacfe69fc311ee61d4af987eabb60a77134bdd6b9e3dc684d2dd623b925532ff1dd35
SSDEEP

3072:2hZwpz5Yt5aCDZ8UmPIiCETFPF9yKIR8VFh6EFLB9v0H1b9ZYCKZuMiGnW:SZ0ImUcdIsFwud9veZWuMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
026eb93a682bd0acd913792121ac9869

Files

026eb93a682bd0acd913792121ac9869
.exe windows:4 windows x86 arch:x86

4a35ec40bf0155a7e902f31e6e0ef9fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CloseEnhMetaFile
CopyMetaFileA
CreateDIBSection
CreatePatternBrush
CreatePolygonRgn
DPtoLP
Ellipse
EndPage
EnumFontFamiliesExA
GetClipBox
GetDIBColorTable
GetEnhMetaFileHeader
GetNearestPaletteIndex
GetObjectA
GetPaletteEntries
GetStockObject
GetTextMetricsA
InvertRgn
PlayMetaFile
StretchBlt
TextOutA

shell32

DoEnvironmentSubstW
DragAcceptFiles
DragQueryFile
DragQueryFileA
ExtractIconExA
FindExecutableW
SHAddToRecentDocs
SHBindToParent
SHChangeNotify
SHCreateDirectoryExW
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderPathW
SHGetMalloc
SHGetPathFromIDList
SHGetSettings
ShellExecuteExW

user32

ClientToScreen
CreateMenu
DispatchMessageA
EnableMenuItem
EnumThreadWindows
GetActiveWindow
GetClassNameA
GetSystemMenu
GetWindowTextA
OffsetRect
PtInRect
RedrawWindow
RegisterClassA
ScreenToClient
SetMenu
SetScrollInfo
ShowCursor
wsprintfA

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
CreateToolbarEx
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_Draw
ImageList_GetIconSize
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_SetOverlayImage
ImageList_Write
PropertySheetA

advapi32

CryptGenRandom
DeleteService
FreeSid
LookupPrivilegeValueA
RegDeleteKeyA
RegDeleteKeyW
RegEnumKeyA
RegEnumValueA
RegFlushKey
RegOpenKeyExA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

ole32

CLSIDFromProgID
CoCreateGuid
CoCreateInstance
CoGetClassObject
CoGetInterfaceAndReleaseStream
CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoRevokeClassObject
CoSetProxyBlanket
DoDragDrop
GetRunningObjectTable
IIDFromString
IsEqualGUID
OleDraw
OleFlushClipboard
OleInitialize
OleSetClipboard
OleSetMenuDescriptor
ProgIDFromCLSID
StgCreateDocfileOnILockBytes
StringFromCLSID
StringFromIID

kernel32

CreateProcessW
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetDriveTypeA
GetExitCodeThread
GetFileSize
GetFullPathNameA
GetTempFileNameA
GetVersionExA
GlobalHandle
GlobalUnlock
HeapReAlloc
IsBadWritePtr
LoadLibraryA
ResumeThread
SetEndOfFile
TlsSetValue
VirtualProtect
lstrlenA

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

7rfJPsnn
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a35ec40bf0155a7e902f31e6e0ef9fa

Headers

File Characteristics

Imports

gdi32

shell32

user32

comctl32

advapi32

ole32

kernel32

Sections

.text Size: 87KB - Virtual size: 87KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 98KB - Virtual size: 97KB

.rsrc Size: 18KB - Virtual size: 17KB

7rfJPsnn Size: 2KB - Virtual size: 120KB

.text
Size: 87KB - Virtual size: 87KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 98KB - Virtual size: 97KB

.rsrc
Size: 18KB - Virtual size: 17KB

7rfJPsnn
Size: 2KB - Virtual size: 120KB