838c59678df9c5890ad5acf7a821a6e484abcd91cebc34d78a0de62c2bd58b5e

Sharing

Copy URL Twitter E-mail

General

Target

838c59678df9c5890ad5acf7a821a6e484abcd91cebc34d78a0de62c2bd58b5e
Size

172KB
MD5

a36c709030a004582781b34be0773c69
SHA1

037107b09a360a5ad87fa0f3313be3055b70d424
SHA256

838c59678df9c5890ad5acf7a821a6e484abcd91cebc34d78a0de62c2bd58b5e
SHA512

093564e6ea00aedbf0c82b41552de37f345c81ac8a123b2b1a860af9dcf68c483f38f5047d1bffca1ce7d5158ba35b83486754d3ed4733fcf3f2670d685952f2
SSDEEP

3072:ULKL7KEaUYJRrthfkv4/JhPhCYgnnEg5zJod2:7ojkQLPAQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
838c59678df9c5890ad5acf7a821a6e484abcd91cebc34d78a0de62c2bd58b5e

Files

838c59678df9c5890ad5acf7a821a6e484abcd91cebc34d78a0de62c2bd58b5e
.exe windows:4 windows x86 arch:x86

584f231a0918354892a7d2bab30ae9eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
CreateFileA
GetCurrentDirectoryA
OutputDebugStringA
CreateThread
CloseHandle
GlobalFree
ReadFile
GlobalAlloc
WriteFile
FindNextFileA
FindFirstFileA
Sleep
SetConsoleTextAttribute
GetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
SetFilePointer
MultiByteToWideChar
RtlUnwind
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetLastError
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetEndOfFile
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetProcAddress
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess

user32

DispatchMessageA
TranslateMessage
MessageBoxA
GetWindowTextLengthA
GetWindowTextA
SendMessageA
EndDialog
PostQuitMessage
CreateDialogParamA
GetDlgItem
SetWindowTextA
GetClientRect
MoveWindow
InvalidateRect
DefWindowProcA
DestroyWindow
DialogBoxParamA
BeginPaint
EndPaint
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

ShellExecuteA

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 476.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

584f231a0918354892a7d2bab30ae9eb

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

shell32

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 476.9MB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 476.9MB

.rsrc
Size: 16KB - Virtual size: 13KB