064112e29c7fbdb101e6839114c94c4e

Sharing

Copy URL Twitter E-mail

General

Target

064112e29c7fbdb101e6839114c94c4e
Size

156KB
MD5

064112e29c7fbdb101e6839114c94c4e
SHA1

9782dffb72802505c2b930e0f30c72cb7b26cc41
SHA256

cb7fefb22e661325d758e7fdfa0a2e50eb7e2141654d4dd7111dc50ac74eff29
SHA512

2f5e5a2d49149a419ddb8d482801361b36168f8c4361718646caf946657f3865b602f5a5956bf19d256d9ef0ef62f2490866bba18688ac12a491a83cfbbb758d
SSDEEP

3072:EytvmyGuS+/oPfWmL/bcY0dj96aGxkCSlxeNPjl:NviJBTbcPbTeN5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
064112e29c7fbdb101e6839114c94c4e

Files

064112e29c7fbdb101e6839114c94c4e
.exe windows:4 windows x86 arch:x86

67d4ebcc56ea67a4327282655bfe9e78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Read
ImageList_Add
ImageList_Draw

oleaut32

OleLoadPicture
SafeArrayGetElement
VariantCopyInd
SysStringLen
SafeArrayCreate

advapi32

GetLengthSid
GetUserNameA

version

VerInstallFileA
GetFileVersionInfoSizeA
VerQueryValueA

user32

GetMessagePos
FindWindowA
GetMenu
GetWindow
GetCapture
GetWindowTextA
GetScrollInfo
GetMenuState
BeginPaint
GetFocus
TrackPopupMenu
EnumThreadWindows
GetClipboardData
GetSysColorBrush
GetScrollPos
DrawMenuBar
EnableMenuItem
ShowScrollBar
GetPropA
GetSubMenu
GetMenuItemInfoA
IsChild
IsDialogMessageA
GetScrollRange
DrawIcon
GetParent
GetSysColor
DeferWindowPos
IsWindowEnabled
GetCursor
CreateIcon
IsMenu
IsWindowVisible
GetMenuStringA
GetMenuItemID

msvcrt

atan
calloc
memmove
strcmp

kernel32

GetStdHandle
GetCurrentThread
GetCurrentThreadId
GetProcessHeap
GetACP
ResetEvent
ExitProcess
LoadLibraryA
MulDiv
LoadLibraryExA
LockResource
CompareStringA
LocalAlloc
GetDateFormatA
lstrcpynA
GetLocalTime
GetCurrentProcess
lstrlenA
FindResourceA
GetCurrentProcessId
GetVersionExA
GetLastError
CreateEventA
LocalFree
GetStartupInfoA
WriteFile
EnterCriticalSection
SetFilePointer
GetModuleFileNameA
FindFirstFileA
SetEndOfFile
GetLocaleInfoA
GetCPInfo
GetFileAttributesA
lstrcpyA
GetVersion
VirtualFree
GlobalAlloc
HeapFree
GlobalDeleteAtom
GetFileSize
SetHandleCount
ExitThread
FreeResource
GlobalAddAtomA
GetThreadLocale
GetFileType
VirtualAlloc
WaitForSingleObject
FormatMessageA
WideCharToMultiByte
HeapDestroy
VirtualAllocEx
SetLastError
SetThreadLocale
HeapAlloc
EnumCalendarInfoA
GetSystemDefaultLangID
SetErrorMode
ReadFile
GetStringTypeA
GetModuleHandleA
lstrcmpA
CreateFileA
DeleteCriticalSection

gdi32

GetBitmapBits
SaveDC
LineTo
CreateBrushIndirect
CreateDIBitmap

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 116KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

67d4ebcc56ea67a4327282655bfe9e78

Headers

File Characteristics

Imports

comctl32

oleaut32

advapi32

version

user32

msvcrt

kernel32

gdi32

Sections

CODE Size: 36KB - Virtual size: 36KB

INIT Size: 116KB - Virtual size: 215KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 1024B - Virtual size: 1004B

CODE
Size: 36KB - Virtual size: 36KB

INIT
Size: 116KB - Virtual size: 215KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 1024B - Virtual size: 1004B