032bf6b0f14ce29a3ae0e3514ece776f

Sharing

Copy URL

Twitter E-mail

General

Target

032bf6b0f14ce29a3ae0e3514ece776f
Size

141KB
MD5

032bf6b0f14ce29a3ae0e3514ece776f
SHA1

8d684a01fdfd2eb5d5326a642b323dbd8c67a9d0
SHA256

6cee6156b164c4798e03d4e04af137bd16a81a031688637afcddbefe70610568
SHA512

fe83bd56dc3ba47cd84907b2e72d9bca8b84fbb8b47bbbecc2d03915f0004b4fcd0d699b63d92e0809fe2772a72d6a8cf6eee9e3bab11357451336ae43ee66a9
SSDEEP

3072:1IBbXoGMr7B1naqiVOuzZVWxICRCx/hZ0plN/R:2BbRm73n8zZV6CpoDh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
032bf6b0f14ce29a3ae0e3514ece776f

Files

032bf6b0f14ce29a3ae0e3514ece776f
.exe windows:1 windows x86 arch:x86

9651ac47f6686f99da47213012d71a9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

exit
floor
_initterm
getenv
_cgets
_getche
_adj_fdivr_m32
strtod
_wcreat
_execvp
_mbscspn
fopen
_unlink
isalpha
_isatty
_mbsnbset
_adj_fprem
_unlock
swprintf
_wgetdcwd
_acmdln
__getmainargs
strstr
_longjmpex
_wspawnv
_adjust_fdiv
labs
_exit
memcpy
_getws
mktime
_fgetchar
abs
strchr
_controlfp
__p__fmode
_mbslwr
_execvpe
_XcptFilter
time
sinh
_strnicmp
_except_handler3
_stat64
_atodbl
_mbctoupper
_mbctohira
_memicmp
_snwprintf
_putws
_mbsdec
_aligned_offset_malloc
_assert
__p__commode
putwc
_itoa
_wspawnvp
_getpid
_commode
_getdllprocaddr
__set_app_type
_ismbclegal
__setusermatherr
_lseeki64
_setmode
_dup

user32

CheckMenuRadioItem
DialogBoxIndirectParamA
SetFocus
CheckRadioButton
EnumWindows
SetForegroundWindow
CreatePopupMenu
GetSysColor
GetDlgItemTextA
GetMessageA
ScrollWindowEx
DrawIconEx
GetSubMenu
IntersectRect
EnumChildWindows
EndDeferWindowPos
GetCapture
CreateWindowExA
MessageBoxA
GetWindowLongA
DrawTextA
GetSysColorBrush
SetTimer
SetCapture
SetMenuItemInfoA
ExitWindowsEx
InvalidateRect
CreateIconIndirect
FindWindowA
GetMenu
GetUpdateRgn
SystemParametersInfoA
GetParent
LoadCursorA
GetFocus
ShowWindow
LoadImageA
TranslateMessage
GetClientRect
AppendMenuA
GetPropA
CheckMenuItem
DestroyWindow
CreateDialogParamA
BeginDeferWindowPos
FillRect
SetWindowTextA

kernel32

GetTimeFormatA
HeapReAlloc
SetEvent
FreeEnvironmentStringsW
TlsGetValue
DeleteCriticalSection
QueryPerformanceFrequency
LocalFree
MulDiv
LocalAlloc
LockResource
SetEndOfFile
GetCurrentProcessId
DeleteFileA
FileTimeToLocalFileTime
FreeLibrary
CreateThread
GetModuleHandleA
SizeofResource
GetCommandLineA
GetVersion
GetCurrentProcess
GetSystemDirectoryA
VirtualAlloc
GetACP
GlobalReAlloc
GetFileType
WideCharToMultiByte
VirtualQueryEx
IsBadStringPtrA
CreateFileA
GetEnvironmentStringsW
GetProcessWorkingSetSize
GetModuleHandleW
MapViewOfFile
lstrcmpA
GetProcessAffinityMask
GetStartupInfoA
SetProcessWorkingSetSize
GlobalUnlock
GetModuleFileNameA
FindClose
TlsAlloc
lstrcmpiA
GlobalLock
IsValidCodePage
TlsSetValue
ExitThread
SetStdHandle
GetCommandLineW
WriteConsoleW
HeapSize
CreateToolhelp32Snapshot
LCMapStringW
HeapAlloc

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9651ac47f6686f99da47213012d71a9a

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 124KB - Virtual size: 124KB

.data Size: 512B - Virtual size: 91B

.rsrc Size: 512B - Virtual size: 4B

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 124KB - Virtual size: 124KB

.data
Size: 512B - Virtual size: 91B

.rsrc
Size: 512B - Virtual size: 4B