10ad64aa5a2e5f1b6c9d3d6275247302

Sharing

Copy URL Twitter E-mail

General

Target

10ad64aa5a2e5f1b6c9d3d6275247302
Size

138KB
MD5

10ad64aa5a2e5f1b6c9d3d6275247302
SHA1

900e5612ce8d518c7e3eafba6e891c624e628734
SHA256

f161cc46fd59b4d1cd0fef292bde6bfd79c5f4160cc45071524031f09b697847
SHA512

eef69d066331015850219fd5852120f71cd5f6707765986e2218d182c5c032f5970cb4d10fef8bed5e4ca66a4fb23fb418e2c6749f88fafcf8a0b0bfa312d569
SSDEEP

3072:gpgv68Lr0Eu4xB3h2KzCc0GJZ1E4IxrB2:28f9u4hlrk12

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10ad64aa5a2e5f1b6c9d3d6275247302

Files

10ad64aa5a2e5f1b6c9d3d6275247302
.exe windows:4 windows x86 arch:x86

6c1ab07e0d6e5ec850182bfd58d92716

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetFileAttributesA
WaitForMultipleObjects
VirtualProtect
WaitForSingleObject
GetStartupInfoA
GetLocaleInfoA

msvcrt

exit
__setusermatherr
_initterm
_except_handler3
_chmod
log
__getmainargs
_vsnwprintf
_XcptFilter
_acmdln
_isctype
__set_app_type
fsetpos
_adjust_fdiv
__p__fmode
__mb_cur_max
_pipe
__p__commode

user32

CharLowerA
EmptyClipboard
GetCursorPos
IsDialogMessageA
wsprintfA
InsertMenuA

gdi32

InvertRgn
LineDDA
GetMetaFileBitsEx
SetTextColor
CopyMetaFileW
RectVisible
ExtFloodFill
StrokePath
PolylineTo
ExtTextOutW
GetDIBColorTable
CreateRoundRectRgn
RemoveFontResourceA
CreateCompatibleBitmap

oleaut32

SafeArrayGetUBound
LoadTypeLib
SafeArrayRedim
GetErrorInfo
CreateErrorInfo

shell32

SHGetDiskFreeSpaceExW
SHGetDesktopFolder
SHGetFileInfoA
ExtractIconExA
SHAddToRecentDocs
SHGetFolderLocation
DragAcceptFiles
SHFileOperationW
DragFinish
ShellExecuteA

advapi32

RegQueryInfoKeyW
OpenSCManagerA
IsValidSid
CopySid
RegCreateKeyA
RegCloseKey
ControlService
OpenServiceW

ole32

CoRegisterMessageFilter
OleIsCurrentClipboard
CoGetMalloc
OleGetClipboard
CoRevokeClassObject
CLSIDFromProgID
CoCreateGuid

comctl32

ImageList_Write
ImageList_BeginDrag
ImageList_EndDrag
InitCommonControlsEx
ImageList_GetImageInfo

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
VerFindFileW
VerInstallFileA

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c1ab07e0d6e5ec850182bfd58d92716

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

oleaut32

shell32

advapi32

ole32

comctl32

version

Sections

.text Size: 62KB - Virtual size: 62KB

.data Size: 49KB - Virtual size: 48KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 62KB - Virtual size: 62KB

.data
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 25KB - Virtual size: 25KB