04f035ecf942a0f2f00d8723562efc99

Sharing

Copy URL Twitter E-mail

General

Target

04f035ecf942a0f2f00d8723562efc99
Size

293KB
MD5

04f035ecf942a0f2f00d8723562efc99
SHA1

0384b0ae624485534481d88147a742a63e45c6fd
SHA256

d1c10b1d74f423f70abe07e5d9f85d64f3252df6636c1625ea54bfc864ced861
SHA512

97bd61c852769ad027bb7305e2184809ef9f2ddf528e32b4f5bc6a8b165dc47bb5ff0a51649b58d96e09c572fcbc844eeac4c222e636e3663235aea9a9e15b6b
SSDEEP

6144:dn9zOeBGi+tJ+fJ6jkGTjdoU36Ef3CtGM59888888888888W88888888888:dY8taJeukGTOVE6tGo9888888888888B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04f035ecf942a0f2f00d8723562efc99

Files

04f035ecf942a0f2f00d8723562efc99
.exe windows:5 windows x86 arch:x86

8106c5bc8580fbc924c75ea26d6e9164

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA

user32

GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
WaitMessage
ValidateRect
TranslateMessage
ShowWindow
SetWindowPos
SetParent
SetForegroundWindow
SetFocus
SetCursor
SendMessageA
ScreenToClient
ReleaseDC
PostQuitMessage
OffsetRect
MessageBoxA
MessageBoxW
LoadStringW
LoadCursorW
IsWindowVisible
IsWindowEnabled
IsWindow
InvalidateRect
GetWindowRgn
GetWindowRect
GetWindowDC
GetUpdateRgn
GetSystemMetrics
GetSystemMenu
GetSysColor
GetWindow
GetKeyState
GetFocus
GetDCEx
GetDC
GetCursorPos
GetClientRect
GetCapture
FillRect
EndPaint
EnableMenuItem
DrawTextW
DrawFocusRect
DestroyWindow
DestroyIcon
DeleteMenu
CopyImage
ClientToScreen
CharUpperBuffW
CharToOemW
BeginPaint
CharToOemA
SetWindowLongA
SendMessageA
RegisterClassA
PostMessageA
PeekMessageA
MessageBoxA
LoadIconA
LoadCursorA
GetWindowLongA
GetClassLongA
GetClassInfoA
DrawTextA
DispatchMessageA
DefWindowProcA
CreateWindowExA
CallWindowProcA

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrlenA
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileW
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
lstrcmpiA
WriteFile
WinExec
WaitForSingleObject
VirtualQuery
TerminateProcess
Sleep
SizeofResource
SignalObjectAndWait
SetEvent
ResetEvent
OpenProcess
MultiByteToWideChar
LockResource
LoadResource
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
GlobalFree
GlobalAlloc
GetVersionExW
GetThreadLocale
GetStdHandle
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFileAttributesA
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentProcess
GetCPInfo
InterlockedExchange
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindClose
ExpandEnvironmentStringsA
EnumCalendarInfoA
EnterCriticalSection
DeleteCriticalSection
CreateProcessA
CreateEventW
CompareStringW
CloseHandle
RemoveDirectoryA
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
GetFileAttributesA
GetCommandLineA
FormatMessageA
FindResourceA
FindNextFileA
FindFirstFileA
DeleteFileA

gdi32

StretchDIBits
SetWindowOrgEx
SetTextColor
SetRectRgn
SetROP2
SetDIBits
SetBrushOrgEx
SetBkMode
SetBkColor
SelectObject
SaveDC
RoundRect
RestoreDC
PatBlt
OffsetRgn
MoveToEx
IntersectClipRect
GetTextExtentPoint32A
GetTextExtentPoint32W
GetStockObject
GetPaletteEntries
GetDIBits
ExtSelectClipRgn
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePen
CreatePatternBrush
CreatePalette
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CombineRgn
BitBlt
GetObjectA
CreateFontIndirectA
CreateFontA

comctl32

ImageList_Draw
InitCommonControls

ole32

CoTaskMemFree

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8106c5bc8580fbc924c75ea26d6e9164

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

comctl32

ole32

shell32

Sections

.text Size: 151KB - Virtual size: 151KB

.itext Size: 1024B - Virtual size: 720B

.data Size: 5KB - Virtual size: 4KB

.bss Size: - Virtual size: 19KB

.idata Size: 6KB - Virtual size: 6KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.rsrc Size: 127KB - Virtual size: 127KB

.text
Size: 151KB - Virtual size: 151KB

.itext
Size: 1024B - Virtual size: 720B

.data
Size: 5KB - Virtual size: 4KB

.bss
Size: - Virtual size: 19KB

.idata
Size: 6KB - Virtual size: 6KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.rsrc
Size: 127KB - Virtual size: 127KB