129208b604851cd5ee259f2bd381dfcd

General

Target

129208b604851cd5ee259f2bd381dfcd
Size

97KB
MD5

129208b604851cd5ee259f2bd381dfcd
SHA1

7f4777d993a21a000e7dfe49e631829579e9e6ae
SHA256

ba0aac518a72a10cad29d2920054fee43d99323b13ff535e5107f77cf3e9a6d8
SHA512

ba025c13f63cf1a9d4763c860902a6bcc830c87eeb6f7e55938caa9a6ca086d907ce136c4f711b98e4e3e2afcd756db63e742795fe6a570cb0fa7bd0a1014844
SSDEEP

1536:UuSlVHRtZrBKe+bQlmTC73/B3MfZCCQ2wmzcctiLR9LGD:UuSllRBoQlmzZCCZFzcctidU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
129208b604851cd5ee259f2bd381dfcd

Files

129208b604851cd5ee259f2bd381dfcd
.exe windows:4 windows x86 arch:x86

116bff91a32521aff57fe571a7278a76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
lstrlenA
lstrcpyA
SetEvent
LoadLibraryExA
GetEnvironmentStrings
Sleep
ExitProcess
ExitThread
LoadLibraryA
GetModuleHandleA
EnumCalendarInfoA
MoveFileExA
GetVersion
VirtualFree
WaitForSingleObject
GetACP
HeapDestroy
GetLocalTime
GetLastError
GetStartupInfoA
HeapFree
VirtualAlloc

version

VerFindFileA

shlwapi

PathGetCharTypeA
SHGetValueA
SHEnumValueA

gdi32

GetDCOrgEx

msvcrt

wcstol
mbstowcs
swprintf
tolower
calloc
sqrt
fabs
abs
memcpy
strcmp
malloc
strlen
memmove
sprintf
rand
log
srand

user32

CreateWindowExA
CheckMenuItem
GetLastActivePopup
CallWindowProcA
GetClientRect
EnumThreadWindows
CharToOemA
DrawIconEx
GetClassLongA
GetActiveWindow
GetMenuItemInfoA
DefMDIChildProcA
DrawFrameControl
CharNextA
MessageBoxA
GetMenuItemID
EqualRect
IsWindowVisible
SetWindowTextA
SystemParametersInfoA
SetWindowPos
IsWindowEnabled
GetSysColor
CallNextHookEx
FrameRect
GetMenu
GetCapture

Sections

text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

116bff91a32521aff57fe571a7278a76

Headers

File Characteristics

Imports

kernel32

version

shlwapi

gdi32

msvcrt

user32

Sections

text Size: 46KB - Virtual size: 46KB

.init Size: 47KB - Virtual size: 47KB

.idata Size: 2KB - Virtual size: 1KB

text
Size: 46KB - Virtual size: 46KB

.init
Size: 47KB - Virtual size: 47KB

.idata
Size: 2KB - Virtual size: 1KB