120503cfb86e67178a0fb8da058b80a2

General

Target

120503cfb86e67178a0fb8da058b80a2
Size

279KB
MD5

120503cfb86e67178a0fb8da058b80a2
SHA1

9b84b60705a05fe827041630af64f0a51ce85c15
SHA256

6c1f54e420597522b0723224588f10b104f1b5449e890eee924d8bcb314622f0
SHA512

f29177b57972f0b947a5d65743a6e53346bca9c69e0a89bcdf015db29b98b9664de914f54dbf203c24b9f4928ff7ed1f0d9f1f1dd364d363596dab43ee09364b
SSDEEP

6144:IRsxhYWbtfYhL2axRmToBIkBLsdreg2Fv12yGUD14F3i4l:IidbtfYZlNBIkJsdb2Fv1hG41ei4l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
120503cfb86e67178a0fb8da058b80a2

Files

120503cfb86e67178a0fb8da058b80a2
.exe windows:4 windows x86 arch:x86

4c939af178a09a862eda8461f6ef8e57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

kernel32

CopyFileW
GlobalAddAtomW
SetFileAttributesW
QueryPerformanceCounter
LoadLibraryW
SetUnhandledExceptionFilter
LocalFree
FindClose
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileSectionW
WritePrivateProfileStringW
LoadLibraryExW
CreateMutexW
FreeLibrary
GetPrivateProfileStringW
GetProcessHeap
GetLastError
GetPrivateProfileIntW
LoadLibraryExA
CompareStringW
GetFileType
GetCurrentProcess
lstrlenA
GetProcAddress
GetCurrentDirectoryW
Sleep
EnumResourceLanguagesW
ExpandEnvironmentStringsW
GetSystemDirectoryW
HeapFree
WaitForSingleObject
LoadModule
lstrcmpW
GetCurrentProcessId
GetStartupInfoA
GetTickCount
ReleaseMutex
GetWindowsDirectoryA
InterlockedExchange
FindNextFileW
lstrcmpiW
GetCurrentThreadId
InterlockedCompareExchange
FindFirstFileW
GetVersionExW
HeapAlloc
RtlUnwind
GetSystemInfo
WritePrivateProfileSectionW

setupapi

CM_Get_Sibling
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

iphlpapi

GetIpAddrTable

shlwapi

StrCmpNIA
StrStrA

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

Sections

.text
Size: 136KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c939af178a09a862eda8461f6ef8e57

Headers

File Characteristics

Imports

comctl32

kernel32

setupapi

iphlpapi

shlwapi

newdev

shell32

Sections

.text Size: 136KB - Virtual size: 275KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 139KB - Virtual size: 139KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 136KB - Virtual size: 275KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 139KB - Virtual size: 139KB

.rsrc
Size: 512B - Virtual size: 4KB