44378ffb307788f1e8bbe5fab9063510

Sharing

Copy URL Twitter E-mail

General

Target

44378ffb307788f1e8bbe5fab9063510
Size

132KB
MD5

44378ffb307788f1e8bbe5fab9063510
SHA1

a5c69ee587dc08b2ff206b7914b3b17dcf33dc72
SHA256

69f435aa1a55ed8a5f857a9dd82ba4d0c5355daa6c7abeff87b5903a520696fa
SHA512

f9519d6526b714fd498cbb9cc86fa83a64c0351bb89079a9c33b5b9d20fb8a09b314df50c8f3886fdc627c039dbf0c74c802ee1cfd083650ae55ed0de20d746f
SSDEEP

3072:UhwXEOVOZu6t0U+0Iumrt115cim2h/DdRePJ1Btu:Gw9OZu15nNJDdRePJY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44378ffb307788f1e8bbe5fab9063510

Files

44378ffb307788f1e8bbe5fab9063510
.exe windows:5 windows x86 arch:x86

f65ccceec6283331904e0d444c03ff68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

InterlockedExchange
GetModuleHandleA
DeleteFileW
GetStartupInfoA
GlobalLock
GetACP
VirtualProtect
GetDriveTypeA
FormatMessageA
lstrcpyA
GetWindowsDirectoryA
GetFileType
ExpandEnvironmentStringsA

msvcrt

_acmdln
__set_app_type
_XcptFilter
memchr
__p__fmode
_initterm
_write
__getmainargs
__setusermatherr
__p__commode
_itoa
_ftol
exit
calloc
fprintf
_adjust_fdiv
log
_except_handler3
_getpid

user32

UpdateWindow
GetIconInfo
GetCursorPos
SetPropA
SendDlgItemMessageA
WinHelpA
ScreenToClient
PostMessageA

gdi32

SetRectRgn
StretchDIBits
EnumFontFamiliesExA
ExtTextOutA
SetBrushOrgEx
GetTextExtentPoint32W
StrokePath
GetObjectW

shell32

SHBrowseForFolder
CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetFileInfoA
SHBindToParent
SHGetFolderPathW

version

VerInstallFileA
VerLanguageNameA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerInstallFileW
GetFileVersionInfoSizeA

ole32

CoReleaseMarshalData
IsEqualGUID
ReleaseStgMedium
CoUninitialize
OleGetClipboard
PropVariantClear
OleInitialize

comctl32

InitializeFlatSB
ImageList_Add
CreatePropertySheetPageA
ImageList_DragLeave
ImageList_Read
DestroyPropertySheetPage

advapi32

CopySid
RegOpenKeyW
RegCreateKeyA
RegFlushKey
OpenThreadToken
CryptCreateHash

oleaut32

CreateErrorInfo
SafeArrayGetUBound
SysReAllocStringLen
SafeArrayPtrOfIndex

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f65ccceec6283331904e0d444c03ff68

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

shell32

version

ole32

comctl32

advapi32

oleaut32

Sections

.text Size: 63KB - Virtual size: 62KB

.data Size: 49KB - Virtual size: 48KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 63KB - Virtual size: 62KB

.data
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 19KB - Virtual size: 18KB