120b40901a63a19d1501d18cf284d5ac

Sharing

Copy URL Twitter E-mail

General

Target

120b40901a63a19d1501d18cf284d5ac
Size

107KB
MD5

120b40901a63a19d1501d18cf284d5ac
SHA1

86588d11d2ad0b82dac24c287e96bd8091cfe06d
SHA256

a0cb9f68858c7cf40087c9012e5f638633f2e872c3b5f60c1e163dcd05b4b031
SHA512

3150b2943e304d8c9212b751c6af89d66bb586ef54847247529cfad98b95e621c9a1326d5ec6081873109182bd4d1208962841fbc40c4b78aa97a5af80f818fa
SSDEEP

1536:WJ1kP8k3sQys0Kh+2ImKCccQtAY79/mhtvyt4kKMMiU1aoauY:q1a8k/f+xLt9W9kKMMiU1m9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
120b40901a63a19d1501d18cf284d5ac

Files

120b40901a63a19d1501d18cf284d5ac
.exe windows:4 windows x86 arch:x86

e837422256cc8662517da239511d6f39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

AdjustTokenPrivileges
QueryServiceStatus
OpenProcessToken
InitializeSecurityDescriptor
DeleteService
CloseServiceHandle

ole32

RevokeDragDrop
OleInitialize
OleFlushClipboard
GetConvertStg
CreateDataAdviseHolder
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoResumeClassObjects
CoGetMalloc
CoFileTimeNow
CoCreateInstance
CoCreateGuid
WriteFmtUserTypeStg

user32

SetFocus
OemToCharBuffA
MessageBoxIndirectA
LoadBitmapA
CreateMenu
CreateCursor
CharUpperA
CharToOemBuffA
CharPrevA

shell32

SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHBindToParent

shlwapi

PathIsRootA
PathFileExistsA
PathMatchSpecA
SHAutoComplete
StrStrIA
PathFindFileNameA
PathIsRelativeA

msvcrt

strlen
strchr
getenv
rand
memcpy
free
strstr

kernel32

lstrcpynA
lstrlenA
lstrcatA
Sleep
SetLastError
RaiseException
OpenFileMappingA
GetVersion
GetSystemTimeAsFileTime
GetLocalTime
ExitThread
EnumResourceTypesA
EnumResourceNamesA
CompareStringA
CloseHandle
lstrcmpA

Exports

Exports

Akc
Bgw
Bra
Csn
Cto
Iwj
Kee
Nwc
Pum
Qvu
Vkt
Ydm
Zsv

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e837422256cc8662517da239511d6f39

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 28KB

.rdata Size: 30KB - Virtual size: 32KB

.data Size: 23KB - Virtual size: 24KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 26KB - Virtual size: 28KB

.rdata
Size: 30KB - Virtual size: 32KB

.data
Size: 23KB - Virtual size: 24KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB