09a02d48eccd33d2302eb2c693a50e10

Sharing

Copy URL Twitter E-mail

General

Target

09a02d48eccd33d2302eb2c693a50e10
Size

132KB
MD5

09a02d48eccd33d2302eb2c693a50e10
SHA1

1e87406d1e2cce74b8526c109710398dad570575
SHA256

65219b365139479e807c033bd6c5d3cd6756b84976f657f02a431aa225372603
SHA512

14bf05eecb35b7e098ba6024c5838ed2d2395516dbeea75d156d90c379c83ee2ed92993e95d5e9a1256cecb47bff5c7b54d22cf4b27159a40899c21f88ae50eb
SSDEEP

3072:tmF21cC4UL4gRst4lWSuPRvJu0rqnVDX94bsTUXWWt+Z+ZDhu2:tmLCWGstaWSORhanx7AXf+Z+Zp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09a02d48eccd33d2302eb2c693a50e10

Files

09a02d48eccd33d2302eb2c693a50e10
.exe windows:4 windows x86 arch:x86

6f22205249610bf5780500b14f0dcee9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GlobalAlloc
GlobalReAlloc
GetStartupInfoA
SetFilePointer
IsValidCodePage
GetModuleHandleA
VirtualProtect
DeviceIoControl
GetLocaleInfoW

msvcrt

_wcsnicmp
floor
_adjust_fdiv
_strcmpi
_initterm
_acmdln
_strdup
_except_handler3
_XcptFilter
_chmod
_beginthreadex
exit
__setusermatherr
log
__p__commode
__set_app_type
_controlfp
wcstoul
__p__fmode
__getmainargs
_filbuf

shell32

ShellExecuteW
SHAppBarMessage
SHGetDiskFreeSpaceExW
ShellExecuteEx
SHGetDesktopFolder
SHGetSpecialFolderPathW
SHGetFileInfo
ExtractIconExW
DragQueryFileA
DragAcceptFiles
Shell_NotifyIconW
ShellExecuteExW

version

VerLanguageNameA
VerQueryValueW
VerInstallFileW
GetFileVersionInfoSizeA
VerInstallFileA
VerQueryValueA

oleaut32

SysStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayCreate
GetErrorInfo
SysReAllocStringLen
SysAllocStringLen
VariantInit
SetErrorInfo

gdi32

SetTextAlign
Ellipse
SaveDC
CreateDCW
SetArcDirection
CreateFontIndirectW
FrameRgn
CreateHatchBrush
IntersectClipRect
SelectClipRgn
SetBrushOrgEx
SetEnhMetaFileBits
MoveToEx

comctl32

CreatePropertySheetPageA
ImageList_SetIconSize
InitCommonControlsEx
ImageList_DragLeave
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_BeginDrag
ImageList_EndDrag
CreateStatusWindowA
PropertySheetA

advapi32

RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyA
RegDeleteKeyA
RegQueryInfoKeyA
RegOpenKeyExA

ole32

CoGetClassObject
IIDFromString
CoInitializeEx
RegisterDragDrop
PropVariantClear
ReleaseStgMedium
OleSetClipboard
CLSIDFromProgID
CoGetInterfaceAndReleaseStream

user32

ScrollWindow
AdjustWindowRectEx
FrameRect
TranslateMessage
PtInRect
EnableMenuItem
LoadStringA
SetScrollInfo

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f22205249610bf5780500b14f0dcee9

Headers

File Characteristics

Imports

kernel32

msvcrt

shell32

version

oleaut32

gdi32

comctl32

advapi32

ole32

user32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 97KB - Virtual size: 96KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 97KB - Virtual size: 96KB