13396b5e683565a2a925b7216d59144b

Sharing

Copy URL Twitter E-mail

General

Target

13396b5e683565a2a925b7216d59144b
Size

88KB
MD5

13396b5e683565a2a925b7216d59144b
SHA1

1be60ce3bbd2c87349966dc6a1853564011a6863
SHA256

49b2644103786b63d78ffe437949a5be74a955d19e0e401fa0d58f8a2f2852bf
SHA512

4798410fc77065bdecc8693dd0e0cef208eebf3bacfde079e37d9f805fbfbfa91686d2724abfac2e843fb1e1214ba0867e999a000feddcd92bd816648a706d36
SSDEEP

1536:sJLHPJv5OjINrhEcDIxS8i0QxikdKaAfKAdK2g3RKgdWVH:IlvQjncDI4P7dKdKIK26KgY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13396b5e683565a2a925b7216d59144b

Files

13396b5e683565a2a925b7216d59144b
.exe windows:5 windows x86 arch:x86

a58ac9071ac28f3166501337ab4c088b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapReAlloc
HeapAlloc
HeapSize
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
UnhandledExceptionFilter
GetOEMCP
GetCPInfo
InitializeCriticalSection
VirtualAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
GetModuleFileNameA
GetStdHandle
WriteFile
GetProcAddress
ExitProcess
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetACP
MulDiv

gdi32

SetBkMode
DeleteObject
CreateCompatibleDC
SelectObject
BitBlt
GetDeviceCaps
CreateFontIndirectA
GetStockObject
DeleteDC
SetTextColor

user32

PostMessageA
LoadStringA
InvalidateRect
MessageBoxA
PostQuitMessage
KillTimer
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
RegisterClassExA
LoadCursorA
LoadIconA
LoadBitmapA
UpdateWindow
ShowWindow
CreateWindowExA
EndPaint
DrawTextA
GetClientRect
BeginPaint
GetUpdateRect

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kcugigd
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a58ac9071ac28f3166501337ab4c088b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

ole32

Sections

.text Size: 28KB - Virtual size: 28KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 52KB - Virtual size: 52KB

kcugigd Size: - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 52KB - Virtual size: 52KB

kcugigd
Size: - Virtual size: 4KB