04a2304c9476dd637ae48a7c7e13b77b

Sharing

Copy URL Twitter E-mail

General

Target

04a2304c9476dd637ae48a7c7e13b77b
Size

224KB
MD5

04a2304c9476dd637ae48a7c7e13b77b
SHA1

8398bb524ca91947158028e752dc50fda0798631
SHA256

209fec9085b1a8dbe89ea11970c8043cbd09b130e7cae57de20ccf84253b537e
SHA512

48b798c1845e24899cab74ff5001feeedebb54cb388bebc54dd43af333a304c5d04468d59f0968488cb8f99424d6d922cdcb2eeb3a5afc58e474f0d809d0c560
SSDEEP

6144:n7uVauv7inJSQlnAG94VBl3bGkJgLl/v5t+kk:7uV8JSQlAG9kBl3DJul3Jk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04a2304c9476dd637ae48a7c7e13b77b

Files

04a2304c9476dd637ae48a7c7e13b77b
.exe windows:4 windows x86 arch:x86

19a0b51b7cbcff49dc754d7e5e21be23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleDC
RestoreDC

shlwapi

SHGetValueA
StrRChrA
StrCmpICA
SHDeleteValueA
StrChrIA
StrFormatByteSizeA
SHSetValueA
StrToIntA
StrCmpNIA
StrRChrA
StrChrIA
StrCmpCA
IsCharSpaceA
PathIsContentTypeA
StrChrA
SHDeleteValueA
StrCmpNIA
SHEnumValueA
StrChrA
SHDeleteValueA
StrStrIA
StrNCatA
SHSetValueA
StrTrimA
PathIsContentTypeA
StrToIntExA
PathIsDirectoryA
StrNCatA

comdlg32

GetSaveFileNameA
GetFileTitleA
ChooseColorA

user32

GetWindow
CharLowerBuffA
EnableWindow
GetClientRect
CallWindowProcA
SetWindowLongA
GetDC
GetKeyNameTextA
GetMenuItemID
ShowScrollBar
EnumThreadWindows
GetMenuItemCount
CreateIcon
FrameRect
DispatchMessageW
SystemParametersInfoA
GetCapture
GetLastActivePopup
GetScrollRange
EqualRect
EnumChildWindows
DrawIconEx
CreateMenu
CheckMenuItem
IsChild
GetClipboardData
EndPaint
DefWindowProcA
EndDeferWindowPos
MessageBoxA
CallNextHookEx
SetWindowTextA
DrawEdge
CreateWindowExA
GetScrollInfo
GetParent
TrackPopupMenu
SetCursor
DrawIcon
CharLowerA
GetClassLongA
GetForegroundWindow
EnableMenuItem
GetCursor
GetCursorPos
GetClassInfoA
DrawFrameControl
GetMenuItemInfoA
GetScrollPos
GetPropA
GetDCEx
GetMessagePos
BeginDeferWindowPos
GetActiveWindow
GetFocus
DispatchMessageA
SetWindowPos
IsWindowVisible
EnableScrollBar
GetSysColor
IsDialogMessageA
GetIconInfo
RegisterClassA
GetDlgItem
FindWindowA
CharToOemA
ShowWindow
DefMDIChildProcA
CreatePopupMenu
GetMenu
GetDesktopWindow
GetWindowTextA
DeferWindowPos
DrawTextA
ClientToScreen
CharNextA
DrawMenuBar
DefFrameProcA
GetMenuStringA
GetKeyState
IsMenu
GetSysColorBrush
IsWindowEnabled
EnumWindows

ole32

CoGetObjectContext
StgCreateDocfileOnILockBytes
WriteClassStm
StringFromIID
CoFreeUnusedLibraries
CoRegisterClassObject
StgOpenStorage
OleCreateStaticFromData

shell32

SHGetFolderPathA
DragQueryFileA
Shell_NotifyIconA
SHFileOperationA
SHGetSpecialFolderLocation
SHGetFileInfoA

msvcrt

wcschr
wcscspn
memcpy
__set_app_type
tolower
swprintf
sprintf
_commit
rand
__wgetmainargs
time
_XcptFilter
_snprintf

kernel32

LocalFree
GlobalAlloc
GlobalAddAtomA
FormatMessageA
SetHandleCount
FindClose
GetOEMCP
DeleteFileA
lstrlenA
SetFilePointer
GetStringTypeA
HeapFree
GetStartupInfoA
GlobalFindAtomA
GetDateFormatA
GetFileAttributesA
GetCurrentThreadId
GetDiskFreeSpaceA
GlobalDeleteAtom
CompareStringA
GetFullPathNameA
WriteFile
EnterCriticalSection
WaitForSingleObject
GetFileSize
GetThreadLocale
SetEvent
SetEndOfFile
LocalReAlloc
GetSystemDefaultLangID
DeleteCriticalSection
GetVersion
VirtualFree
FreeResource
lstrcpyA
Sleep
ReadFile
CreateFileA
HeapDestroy
lstrcmpiA
lstrcmpA
MulDiv
GetStdHandle
FindResourceA
SetErrorMode
VirtualAlloc
GetEnvironmentStrings
SizeofResource
GetLocalTime
GetACP
HeapAlloc
LoadResource
GetTickCount
FindFirstFileA
MoveFileExA
GetProcAddress
ExitProcess
GetLastError
EnumCalendarInfoA
SetLastError
lstrcpynA
GetCommandLineA
WideCharToMultiByte
CreateThread
FreeLibrary
GetModuleFileNameA
GetCPInfo
RaiseException
LoadLibraryA
LockResource
GetStringTypeW
GetModuleHandleA
GetVersionExA
GetCurrentProcessId
LocalAlloc
GetCurrentThread
CreateEventA
CloseHandle
GetUserDefaultLCID
LoadLibraryExA
ResetEvent
GetLocaleInfoA
lstrcatA
GetCurrentProcess
MoveFileA
GetProcessHeap
SetThreadLocale
lstrcmpA
LoadLibraryA
CreateThread
GetVersion
SetEvent
InitializeCriticalSection
ExitThread
GetStringTypeA
GetCommandLineA
GetOEMCP
GetModuleFileNameA
SetEndOfFile
ResetEvent
GetProcAddress
GetTickCount
LoadResource
GetStringTypeW
GetACP
GetThreadLocale
lstrlenA
SetLastError
GetFileSize
GlobalAlloc
FindFirstFileA
WriteFile
MoveFileA
GetLocalTime
GetLastError
MoveFileExA
HeapAlloc
GetCurrentThreadId
FreeResource
GetCurrentProcessId
LocalReAlloc
ReadFile
SetErrorMode
GlobalDeleteAtom
VirtualQuery
FindResourceA
DeleteFileA
lstrcmpiA
HeapDestroy
GetFullPathNameA
FormatMessageA
VirtualFree
lstrcpyA
SizeofResource
WideCharToMultiByte
ExitProcess
GetVersionExA
FreeLibrary
GetStartupInfoA
GetCPInfo
SetHandleCount
LocalFree
GetStdHandle
GetSystemDefaultLangID
HeapFree
RaiseException
Sleep

version

GetFileVersionInfoA

advapi32

RegEnumKeyA
RegQueryInfoKeyA
RegDeleteKeyA

Sections

.CODE
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 309B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19a0b51b7cbcff49dc754d7e5e21be23

Headers

File Characteristics

Imports

gdi32

shlwapi

comdlg32

user32

ole32

shell32

msvcrt

kernel32

version

advapi32

Sections

.CODE Size: 9KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.edata Size: 205KB - Virtual size: 205KB

BSS Size: 512B - Virtual size: 309B

.CODE
Size: 9KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.edata
Size: 205KB - Virtual size: 205KB

BSS
Size: 512B - Virtual size: 309B