0369070fea85197e053c4c7ab64cd2f9

Sharing

Copy URL

Twitter E-mail

General

Target

0369070fea85197e053c4c7ab64cd2f9
Size

256KB
MD5

0369070fea85197e053c4c7ab64cd2f9
SHA1

effce44b4b83dde368224dd5f8021f8b8fd80514
SHA256

73fd850f2a389ab70ce95f07b166acb278a1d8645fc08d9843272580dafb3963
SHA512

885431ecf3e57bd9b120eb51e7dad30b0971190855f1bd171914eadb1abca449e5581090f795005ca8509577c74b255662e422f0ed0c5b577bcbec846acd3406
SSDEEP

6144:6vCRIdTzprZaX0DK2Ct2lTi9a2MF38KIUyGs1paVsnLyoIxPJEDFrCW+c7BK3GxC:6vh7kkJyKKH/on4Tx9tm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0369070fea85197e053c4c7ab64cd2f9

Files

0369070fea85197e053c4c7ab64cd2f9
.exe windows:4 windows x86 arch:x86

24ff11e997da9d615d8d2ff6e98db822

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
SetCurrentDirectoryA
DeleteCriticalSection
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetEnvironmentStrings
HeapAlloc
LoadLibraryA
GetModuleFileNameW
SetLastError
FreeEnvironmentStringsW
GetShortPathNameW
GetCurrentThread
HeapCreate
InterlockedExchange
GetTickCount
GetStdHandle
GetModuleHandleA
TlsAlloc
GetCommandLineA
SetHandleCount
LeaveCriticalSection
GetModuleFileNameA
MultiByteToWideChar
FoldStringW
GetCurrentThreadId
TlsGetValue
WriteFile
GetProcAddress
GetFileType
VirtualFree
HeapFree
EnterCriticalSection
IsBadWritePtr
GetExitCodeProcess
InitializeCriticalSection
VirtualQuery
GetStartupInfoA
TlsFree
GetSystemTimeAsFileTime
GetVersion
GetCurrentProcessId
GetLastError
TlsSetValue
HeapReAlloc
RtlUnwind
ExitProcess
GetEnvironmentStringsW
GetCommandLineW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
HeapDestroy

advapi32

CryptDestroyHash
RegEnumKeyExA
LookupPrivilegeNameA
CryptSetHashParam
GetUserNameW
RegOpenKeyA
RegReplaceKeyW
CryptEnumProvidersW
LookupAccountNameW
RegCreateKeyExW
CryptEncrypt
CryptEnumProviderTypesW
CryptSignHashA
RegQueryMultipleValuesA
RegSaveKeyW
LookupPrivilegeValueW
CryptDeriveKey
RegDeleteValueA
InitiateSystemShutdownA
AbortSystemShutdownA

gdi32

DeleteColorSpace
GetPixelFormat

user32

DialogBoxParamW
FindWindowA
GetScrollBarInfo
GetAltTabInfo
SetWindowsHookA
DlgDirListComboBoxW
IsWindowVisible
FreeDDElParam
SetMenuItemBitmaps
ActivateKeyboardLayout
DispatchMessageA
CreateMenu
DrawTextA
LoadCursorFromFileA

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24ff11e997da9d615d8d2ff6e98db822

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

Sections

.text Size: 134KB - Virtual size: 133KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 134KB - Virtual size: 133KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 14KB - Virtual size: 13KB