43c13f5cb366314ceac85e50757c4ed9

Sharing

Copy URL Twitter E-mail

General

Target

43c13f5cb366314ceac85e50757c4ed9
Size

570KB
MD5

43c13f5cb366314ceac85e50757c4ed9
SHA1

8aa3d9cba8379b404e4e206ecbd70a9a2bcc75e8
SHA256

c643b64a028a77811f47dd42d902aa5ca1b0ace98e55279cb71b655e45447307
SHA512

8cfb4f6931d21d653684478dc31276a49d00e8244b606a77a53c37b7b97396758dde82b765373e2347a4a1cdab2526d1c0a8c165a5d546c8c42888b7a2508bbc
SSDEEP

12288:k3e/oXFM2yBXq0s/RVuIg1uva8Vt3W1PrA/dPRPgIBPmz:4AuFeqFQIg1ur3W1PrAd2iPA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43c13f5cb366314ceac85e50757c4ed9

Files

43c13f5cb366314ceac85e50757c4ed9
.exe windows:4 windows x86 arch:x86

d7c97eb407a3af61c8e71bdc2a45d4f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
GetHandleInformation
SetConsoleCursorPosition
ConnectNamedPipe
PeekNamedPipe
GetStartupInfoA
FatalAppExitA
SetMailslotInfo
IsBadReadPtr
GetAtomNameA
LocalAlloc
AllocConsole
FindNextChangeNotification
DeleteFiber
TryEnterCriticalSection
GetBinaryTypeW
_hread
GetConsoleMode
IsBadStringPtrA
PurgeComm
GetProfileIntA
CreateMutexA
GetEnvironmentStringsW
lstrcpyA
FreeLibraryAndExitThread
ReleaseMutex
GlobalDeleteAtom
GetOEMCP
GlobalGetAtomNameW
CreateWaitableTimerA
SetConsoleTitleA
GetThreadPriority
SetupComm
VirtualUnlock
CreateProcessA
UnmapViewOfFile
CopyFileExW
_lread
VirtualAllocEx
SetTimeZoneInformation
GetProfileStringA
ReadFileScatter
InitializeCriticalSection
WritePrivateProfileSectionA
FlushFileBuffers
GetModuleFileNameW
AreFileApisANSI
VirtualFree
FindFirstFileA
CreateNamedPipeW
GetCommModemStatus
GetTickCount
CancelIo
GetCurrentProcess
GetLocaleInfoW
ExitProcess

user32

SetDlgItemTextW
ChangeDisplaySettingsA
ValidateRgn
GetDC
GetUserObjectInformationW
GetWindowPlacement
FlashWindowEx
SetDlgItemInt
SetCaretBlinkTime
CreateDesktopW
SetMenuInfo
OpenInputDesktop
DrawTextExW
SetWindowTextA
WinHelpA
MapVirtualKeyW
SendMessageW
ChangeDisplaySettingsExA
LoadImageW
DestroyIcon
ExitWindowsEx
DestroyWindow
IsCharAlphaNumericW
CreateIconFromResource
GetKeyboardLayoutNameA
CharNextW
RegisterClassExA
SubtractRect
SwapMouseButton
MapVirtualKeyA
CloseWindowStation
MessageBoxExA
CreateDialogParamW
GrayStringA
TrackPopupMenu
GetTopWindow
SetDlgItemTextA
GetMenu
SetWindowLongA
GetWindowWord
OffsetRect
SetScrollInfo
EnumDisplayDevicesW
SetPropA
RemoveMenu
CopyRect
ReplyMessage
EnumDisplaySettingsA
ShowOwnedPopups
InsertMenuA
GetMenuStringA
SendMessageCallbackW
GetMenuCheckMarkDimensions
GetClassInfoW
PostMessageW
DrawIcon
CheckMenuRadioItem
FindWindowExA
DialogBoxParamW
LoadStringW
DrawCaption
DefWindowProcA
RegisterDeviceNotificationW

gdi32

PolyBezierTo
ScaleWindowExtEx
EndPath
CreateCompatibleDC
GetCurrentObject
PtVisible
EnumFontFamiliesExW
GetRegionData
GetTextCharsetInfo
EnumFontsW
CombineRgn
LPtoDP
SetStretchBltMode
GetWindowExtEx
SetPixelV

comdlg32

GetOpenFileNameA
GetFileTitleA

advapi32

RegSetValueExA
RegEnumKeyA
CryptDestroyKey
LogonUserW
GetTokenInformation
RegGetKeySecurity
SetNamedSecurityInfoA
InitiateSystemShutdownA
IsValidAcl
OpenEventLogW
RegisterServiceCtrlHandlerW
GetSecurityDescriptorLength
RegSetValueExW
InitializeSecurityDescriptor
CloseEventLog
SetSecurityDescriptorSacl

shell32

FindExecutableW

ole32

OleCreateMenuDescriptor
CoFreeAllLibraries
StgCreateStorageEx
CoMarshalInterThreadInterfaceInStream
StringFromGUID2
CoCreateInstanceEx

oleaut32

LoadTypeLibEx
SysStringLen
SafeArrayGetElement
SysFreeString
SafeArrayUnaccessData

shlwapi

PathUndecorateW
PathIsRootW
PathIsURLW
SHRegGetBoolUSValueA

Sections

.text
Size: 3KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7c97eb407a3af61c8e71bdc2a45d4f3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 3KB - Virtual size: 218KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 255KB - Virtual size: 255KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 3KB - Virtual size: 218KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 255KB - Virtual size: 255KB

.rsrc
Size: 16KB - Virtual size: 15KB