08090d12d5d4fce419e119ea6561abc3

Sharing

Copy URL

Twitter E-mail

General

Target

08090d12d5d4fce419e119ea6561abc3
Size

215KB
MD5

08090d12d5d4fce419e119ea6561abc3
SHA1

057def0448747c6a53105d74f75231c6733794dd
SHA256

e1417ce2885930d925e78f311777efa405e663c54bb44102f780195c0e96ca80
SHA512

0f8e8dc55b53e90c3df3c7c67d566c1859f19b3ace49a42846e6fd9dada4e013d37248dad96439e90693e71eb6504d399c73a89e8ab3411214b8944c56e90f8e
SSDEEP

6144:e6pmcBZHUoZVcOMv1zKPKixraPSmXdQdXaeAJ:efRo/zMJKyorVm7eAJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08090d12d5d4fce419e119ea6561abc3

Files

08090d12d5d4fce419e119ea6561abc3
.exe windows:4 windows x86 arch:x86

41a5ce383d30e80c2c5366b8f6730fc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterWindowMessageA
ShowWindow
SetForegroundWindow
GetDlgItemInt
GetForegroundWindow
DialogBoxIndirectParamA
SetSysColors
MessageBoxIndirectA
SendMessageA
ReplyMessage
DefDlgProcA

ole32

CoRevokeMallocSpy
CoGetStandardMarshal
CoMarshalInterface
CoFileTimeToDosDateTime
CoCreateInstance
CoInstall
CoAddRefServerProcess
CoRegisterClassObject
OleCreateFromData

kernel32

GetEnvironmentStringsW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
GetModuleHandleA
GetProcAddress
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wguzx
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ktgoqg
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41a5ce383d30e80c2c5366b8f6730fc9

Headers

File Characteristics

Imports

user32

ole32

kernel32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 92KB

wguzx Size: 288KB - Virtual size: 287KB

ktgoqg Size: 105KB - Virtual size: 105KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 92KB

wguzx
Size: 288KB - Virtual size: 287KB

ktgoqg
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 5KB - Virtual size: 5KB