213c996bda4cd4e5a758972c0493604d

Sharing

Copy URL

Twitter E-mail

General

Target

213c996bda4cd4e5a758972c0493604d
Size

94KB
MD5

213c996bda4cd4e5a758972c0493604d
SHA1

8391ec0c0f3447061a9adf80709c97ef013a9141
SHA256

0053148337371217e4b66753dedb78426e3393d4e00d2e22de88780b0d75a4bf
SHA512

dc801d19f2224552b4bddf9c4286722795bba9405105dd4b0238c4bc2d3873c847676b5be5a5574a8821bcfa3961752453f7057f0b68061a838383dfe8f89382
SSDEEP

1536:PAsYouX68/m6FkpVxgKVf1mreGkwL9OFKSuRzcyYEcRnp2RR:PAsYoAPFugm5wEK/cyYEsp+R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
213c996bda4cd4e5a758972c0493604d

Files

213c996bda4cd4e5a758972c0493604d
.exe windows:5 windows x86 arch:x86

fa50be8f381663c78715c08acb326a0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallNextHookEx
GetParent
SendDlgItemMessageA
SetWindowTextA
SetScrollInfo
MapWindowPoints
SetDlgItemTextA
GetSysColor
DrawFrameControl
CharNextA
DrawIconEx
SetWindowPlacement
TrackPopupMenu
SetTimer
EndPaint
FindWindowA
GetMenuItemCount

msvcrt

realloc
_adjust_fdiv
_except_handler3
_acmdln
getenv
_XcptFilter
_stricmp
__p__commode
__setusermatherr
__getmainargs
_initterm
strstr
strrchr
atexit
calloc
_exit
__p__fmode
fputc
_vsnprintf
sqrt
fopen
__set_app_type
free

comdlg32

GetOpenFileNameA

kernel32

SetLastError
GetTempFileNameA
GlobalLock
RtlUnwind
CompareStringW
GetStdHandle
GetStartupInfoA
InterlockedIncrement
GetNumberFormatA
DuplicateHandle
CreateProcessA
GetEnvironmentStringsW
GetLocaleInfoW

advapi32

OpenServiceW
OpenProcessToken
CryptGenRandom
RegOpenKeyA
CheckTokenMembership
RegCreateKeyExA
RegDeleteKeyW
RegDeleteKeyA
AllocateAndInitializeSid
RegQueryInfoKeyW
RegQueryValueA
FreeSid
RegEnumKeyExA

comctl32

ImageList_EndDrag
ImageList_LoadImageW
PropertySheetW
ImageList_DragLeave
ImageList_Replace
CreatePropertySheetPageW
ImageList_Remove
ImageList_GetImageCount
ImageList_SetOverlayImage

ole32

StgOpenStorage
IIDFromString
StgCreateDocfileOnILockBytes
CoRevokeClassObject
StgOpenStorageOnILockBytes
CoCreateGuid
CreateILockBytesOnHGlobal
IsEqualGUID
CoGetClassObject
OleInitialize
StringFromCLSID
CreateItemMoniker

gdi32

Pie
CreateCompatibleBitmap
StrokePath
GetEnhMetaFileHeader
CreateFontIndirectW
CreateHalftonePalette
CreateICW
GetMapMode
SetBkColor
IntersectClipRect
FrameRgn
ExtTextOutW
GetTextFaceA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa50be8f381663c78715c08acb326a0d

Headers

File Characteristics

Imports

user32

msvcrt

comdlg32

kernel32

advapi32

comctl32

ole32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 9KB - Virtual size: 47KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 9KB - Virtual size: 47KB

.rsrc
Size: 17KB - Virtual size: 16KB