204903bdbb9048f347bfb82bcee2ea73

Sharing

Copy URL Twitter E-mail

General

Target

204903bdbb9048f347bfb82bcee2ea73
Size

2.0MB
MD5

204903bdbb9048f347bfb82bcee2ea73
SHA1

76b1580cb7c5dd2fbd2eea9e925695dd5e67542e
SHA256

1118bd36cf1d6a5b368837db661e0cd220b2e791f74b3a41eca9d03d3336b39c
SHA512

8722339ee4712fb1dba96338802dc4282e57f7e98b732cd54e7a395754031fa347173ef9078168586bd542f8dc0eb5b6a39e0844a14a9a17c819e9350608e435
SSDEEP

49152:EbEXS43Il3bQaJQbRRN5vkdZ5ojaEOHAiWAAFF6z9PHIBhmTunbape:T+xJwNBaZ5oj+AiWVF6z9PHIBhmTunbz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
204903bdbb9048f347bfb82bcee2ea73

Files

204903bdbb9048f347bfb82bcee2ea73
.exe windows:4 windows x86 arch:x86

348ecaf9650d7997e528b2d02049c940

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

RestoreDC
ExtSelectClipRgn
SetTextColor
ScaleViewportExtEx
SetPixel
OffsetViewportOrgEx
CreatePalette
CreatePen
SelectObject
SetBkColor
ExtTextOutW
CreateCompatibleBitmap
DeleteObject
SetWindowExtEx
TextOutW
CreateSolidBrush
CreateCompatibleDC

kernel32

HeapFree
InterlockedExchange
GetTickCount
GetCurrentProcess
GetProcAddress
FreeLibrary
CloseHandle
CreateFileW
GetSystemTimeAsFileTime
EnterCriticalSection
GetStartupInfoA
SetUnhandledExceptionFilter
HeapAlloc
GetLocalTime
LeaveCriticalSection
VirtualFree
LoadLibraryA
QueryPerformanceCounter
TerminateProcess
VirtualAlloc
WriteFile
ReadFile
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GetCurrentThreadId
Sleep

comctl32

ImageList_Draw
ImageList_Destroy
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_GetDragImage
InitCommonControlsEx

advapi32

ImpersonateSelf
RegCreateKeyW
OpenServiceW
RevertToSelf
AdjustTokenPrivileges
RegDeleteValueA
RegOpenKeyExW
GetTokenInformation
RegQueryValueW
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExW
RegCloseKey
OpenProcessToken
RegQueryInfoKeyA

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

user32

GetWindowRect
DestroyWindow
GetDlgItem

comdlg32

GetOpenFileNameW

shell32

CommandLineToArgvW
ShellExecuteExW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetFileInfoW
SHFileOperationA
SHGetMalloc
SHFileOperationW
SHGetSpecialFolderPathW
DragQueryFileW
ShellExecuteW
SHGetPathFromIDListA

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

348ecaf9650d7997e528b2d02049c940

Headers

File Characteristics

Imports

gdi32

kernel32

comctl32

advapi32

msvcrt

version

user32

comdlg32

shell32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 104KB - Virtual size: 101KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 104KB - Virtual size: 101KB

.rsrc
Size: 36KB - Virtual size: 32KB