0593f39a804d95ccfd9a8bb444b7356e

Sharing

Copy URL

Twitter E-mail

General

Target

0593f39a804d95ccfd9a8bb444b7356e
Size

2.4MB
MD5

0593f39a804d95ccfd9a8bb444b7356e
SHA1

f9af562a73dda07da21a294624761657fe63d8e8
SHA256

12400436389c9c7e2ba44451cbb9f31bd9469d855af41568a8e136ff1f7bdb88
SHA512

54fe377a6bd605346fbc27a1a4d1d47a485c562bf902e948eba1e45ba2b6e1e75454496377e453c079e31af85992c9001f50fdba991bfa29af07fe903c1c6248
SSDEEP

49152:lP/PR5iTdweXvchZxtZceZZqy2dg8jfzpQCP:RPviTb0zxtZbHr2dg8jfdQg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0593f39a804d95ccfd9a8bb444b7356e

Files

0593f39a804d95ccfd9a8bb444b7356e
.exe windows:4 windows x86 arch:x86

167ab12c68c0499597bf170a9cc4d50c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayCreate
VariantChangeTypeEx
SafeArrayPutElement
VariantCopyInd
VariantClear

kernel32

lstrcmpiW
Sleep
SetHandleCount
TlsAlloc
LoadResource
IsValidLocale
GetCommandLineA
FindResourceW
GetStdHandle
LocalAlloc
EnterCriticalSection
FreeEnvironmentStringsW
GetProcAddress
GetLastError
TerminateProcess
GetCurrentThreadId
GetFileSize
WideCharToMultiByte
GetCurrentDirectoryA
GetSystemTimeAsFileTime
HeapCreate
LoadLibraryExA
SetStdHandle
ReadConsoleW
MultiByteToWideChar
AreFileApisANSI
SetFileAttributesA
SetEvent
LockResource
MapViewOfFile
ReadFile
UnhandledExceptionFilter
VirtualAlloc
FindFirstFileW
HeapAlloc
LeaveCriticalSection
QueryPerformanceCounter
RtlUnwind
InterlockedExchange
SetLastError
SetThreadPriority
GetStringTypeA
GlobalLock
CloseHandle
SetUnhandledExceptionFilter
GetVersionExW
GlobalAlloc
SetFilePointer
WriteFile
GetModuleHandleA
WritePrivateProfileStringW
ExpandEnvironmentStringsW
LoadLibraryA
GetFileType
HeapDestroy
HeapReAlloc
GetModuleHandleW

gdi32

CreateSolidBrush
CreateBrushIndirect
SelectObject
CreateFontW
CreateDCW
GetBkColor
CreateFontIndirectA
CreateCompatibleDC
EndPage
CreateFontIndirectW
SetWindowExtEx
GetDIBits
DeleteObject
FrameRgn
SetTextColor
GetDeviceCaps
SetPixel
SetBkMode
SetBkColor
SetDCPenColor
RectVisible
GdiFlush
DeleteDC
GetCurrentPositionEx
RealizePalette
TextOutW

comctl32

ImageList_SetImageCount
_TrackMouseEvent
ImageList_GetImageCount
ImageList_Destroy
ImageList_ReplaceIcon

shell32

StrStrA
StrChrA

advapi32

RegOpenKeyA
RegisterEventSourceW
RegDeleteKeyA
CopySid
RegSetValueExW
OpenProcessToken
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
AllocateAndInitializeSid
RegEnumValueA
CryptHashData
RegOpenKeyExA

shlwapi

PathFindExtensionA
PathFindExtensionW
StrToIntA
PathRemoveFileSpecW
PathRemoveBackslashW
PathStripToRootW
PathCompactPathExW
UrlUnescapeW
PathStripPathW
PathFileExistsW
StrTrimA

user32

EnableWindow
DestroyMenu
KillTimer
GetDC
UpdateWindow
DestroyWindow
MsgWaitForMultipleObjects
ShowWindow
MessageBoxW
LoadCursorA
GetDlgItem
OffsetRect
SetCursor
GetSysColor
GetMenuItemCount
CharToOemA
GetWindowThreadProcessId
ClientToScreen
OpenClipboard
GetSubMenu
TranslateAcceleratorW
CharLowerA
GetWindowLongW
LoadBitmapW
GetWindowLongA
IsWindow
SetWindowPos
GetSysColorBrush
DrawTextA
SetWindowLongW
CallWindowProcW
MoveWindow
DrawFrameControl
GetParent
PeekMessageA
AppendMenuW
LoadImageW
IsWindowEnabled
GetNextDlgTabItem
SendMessageW
InvalidateRect
GetMenuState
ExitWindowsEx
SetDlgItemTextW
UnregisterClassW
ReleaseCapture
SetActiveWindow
BringWindowToTop
wsprintfA
LoadBitmapA
SystemParametersInfoA
GetSystemMetrics
LoadCursorW
PostQuitMessage
GetClientRect
TranslateMessage
GetMenu
SetWindowTextW
EndDialog
SetWindowsHookExW
GetFocus
WindowFromPoint
BeginPaint
GetWindowRect
CharNextA
CharUpperW
RegisterClassA
CallNextHookEx
LoadStringW
CreateDialogParamW

msvcrt

wcscpy
_getche
_controlfp
__set_app_type
_vsnwprintf
swprintf
_initterm
_XcptFilter
_makepath
qsort
_wfopen
malloc
_adjust_fdiv
fclose
__getmainargs
free
calloc
wcsncpy
_except_handler3
_exit

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

167ab12c68c0499597bf170a9cc4d50c

Headers

File Characteristics

Imports

oleaut32

kernel32

gdi32

comctl32

shell32

advapi32

shlwapi

user32

msvcrt

Sections

.text Size: 204KB - Virtual size: 200KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 188KB - Virtual size: 184KB

.text
Size: 204KB - Virtual size: 200KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 188KB - Virtual size: 184KB