031cc727da6737bde24f9fb191f14445

Sharing

Copy URL Twitter E-mail

General

Target

031cc727da6737bde24f9fb191f14445
Size

175KB
MD5

031cc727da6737bde24f9fb191f14445
SHA1

c33b7f55d5f99ca7443d771c4b890653337c55f4
SHA256

b77a523be32e1c98c2f989d5329e16e82b138fc511eda7a652c31a971f02c130
SHA512

3f9e3d8b2f4c2d15264ee2e3ee1ef9df48cfb731952c819a55a9fdb0d4f5640b233d932841228f0a18c74e94f0113eaefc4c19bc0aecad71570630c14a2b0f0c
SSDEEP

3072:WsM2H9m6vk7Xb1TNowhdqmfugr66EMPC9z3r3/2k1vrPUxNt7:WAEfb1JHBfugmoCp3r3/2eYxH7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
031cc727da6737bde24f9fb191f14445

Files

031cc727da6737bde24f9fb191f14445
.exe windows:4 windows x86 arch:x86

cec0c47e24b58a2d8f6286a3ab743c2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

log
memmove
memcpy
malloc

kernel32

lstrcpynA
lstrlenA
GetDiskFreeSpaceA
GetFileAttributesA
VirtualAlloc
EnterCriticalSection
GetFileType
GetLocaleInfoA
FindFirstFileA
GlobalAddAtomA
ExitProcess
LocalFree
MoveFileA
GetUserDefaultLCID
VirtualAllocEx
CloseHandle
GetVersionExA
FindResourceA
SetHandleCount
GetModuleFileNameA
GetCurrentThread
Sleep
CreateEventA
VirtualQuery
LoadResource
LoadLibraryA
EnumCalendarInfoA
HeapFree
SetThreadLocale
WriteFile
MoveFileExA
LockResource
FindClose
GetEnvironmentStrings
lstrcmpiA
InitializeCriticalSection
SetEndOfFile
GetOEMCP
SetEvent
GetCurrentProcess
HeapDestroy
ExitThread
GetStringTypeA
LocalAlloc
HeapAlloc
GetCommandLineA
LoadLibraryExA
VirtualFree
lstrcatA
GetModuleHandleA
CreateThread
GetACP
GetLastError
CompareStringA
SetLastError
SetFilePointer
lstrcpyA
GetCurrentThreadId
FreeResource
LocalReAlloc
DeleteFileA
GetCPInfo
GetTickCount
ResetEvent
GlobalFindAtomA

user32

GetClientRect
DrawIcon
GetDesktopWindow
DispatchMessageW
EndDeferWindowPos
GetMenuStringA
BeginPaint
FillRect
SetWindowLongA
IsWindowVisible
EqualRect
GetMenuState
IsWindowEnabled
GetMenuItemInfoA
GetKeyNameTextA
HideCaret
GetMenuItemCount
BeginDeferWindowPos
CharLowerBuffA
IsMenu
DefWindowProcA
GetWindow
GetWindowTextA
DrawEdge
ShowWindow
SetWindowPos
CharToOemA
EnumThreadWindows
GetScrollRange
GetScrollInfo
ClientToScreen
GetForegroundWindow
SystemParametersInfoA
EnumChildWindows
GetMenu
DrawFrameControl
DrawTextA
CheckMenuItem
CreateWindowExA
SetCursor
GetSysColor
DeferWindowPos
SetTimer
DefFrameProcA
EndPaint
GetSysColorBrush
RegisterClassA
GetClipboardData
DrawMenuBar
GetMessagePos
EnableWindow
CallWindowProcA
GetCursorPos
CreateIcon
GetCursor
SetWindowTextA
GetDCEx
GetScrollPos
DefMDIChildProcA
FindWindowA
DispatchMessageA
GetFocus
EnableMenuItem
GetActiveWindow

shell32

SHGetDiskFreeSpaceA
SHGetDesktopFolder
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetFolderPathA

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 125KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cec0c47e24b58a2d8f6286a3ab743c2c

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

shell32

Sections

.text Size: 40KB - Virtual size: 40KB

.init Size: 4KB - Virtual size: 3KB

.idata Size: 125KB - Virtual size: 209KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 40KB

.init
Size: 4KB - Virtual size: 3KB

.idata
Size: 125KB - Virtual size: 209KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB