222519569f9953270c34b7036cd51cc4

Sharing

Copy URL

Twitter E-mail

General

Target

222519569f9953270c34b7036cd51cc4
Size

186KB
MD5

222519569f9953270c34b7036cd51cc4
SHA1

23d31b168ee31e54b740c0c98f8a72a1ed36a499
SHA256

dc573cbd86a693ec172e237fc3353b7bafe1787ff4898c256d347147bb9c8916
SHA512

faf6dae9e3b11fb08eb78d7f17996f9c584c082667395b11041b5fd57b9f03f6ceb45ceeac8ae19b42cd7f83ec2fefd954bc10170e7f7fd7bf1818a85b74764e
SSDEEP

3072:gZJTJ/b0p/7fmFcOakMuxzKhqIsNyerGlOjkJNrCPn9ad+xZSzdJt4gaS6I0:gZH/b0p/ieOkuxzsqnNySG2+NuPn9adb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
222519569f9953270c34b7036cd51cc4

Files

222519569f9953270c34b7036cd51cc4
.exe windows:4 windows x86 arch:x86

cf9c8363d18d43f3a0002c26fee2168c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

mciSendCommandA
sndPlaySoundA

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

kernel32

SetTapeParameters
GetCurrentProcessId
ClearCommError
InterlockedExchange
Sleep
GetLocalTime
EnumResourceNamesA
FindClose
GetVersion
ExitProcess
GetWindowsDirectoryA
FindFirstFileA

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

gdi32

SetTextColor
SetBkMode
CreateSolidBrush
GetDeviceCaps
GetObjectA
RestoreDC
EnumFontFamiliesExA
CreateRectRgn
SelectObject
GetTextExtentPoint32A
TextOutA
GetStockObject
CreateFontIndirectA
DeleteMetaFile
CreateCompatibleDC
Rectangle
SaveDC
DeleteObject
BitBlt
DeleteDC
CreateCompatibleBitmap

user32

SetCursor
ReleaseDC
IsWindow
MoveWindow
ReleaseCapture
GetSysColor
FillRect
SetWindowLongA
GetWindowLongA
GetDlgItem
LoadCursorA
SetWindowPos
GetWindowInfo
GetDC
SetCapture

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf9c8363d18d43f3a0002c26fee2168c

Headers

File Characteristics

Imports

winmm

ole32

shell32

kernel32

oleacc

advapi32

version

gdi32

user32

Sections

.text Size: 160KB - Virtual size: 160KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 21KB

.lib Size: 512B - Virtual size: 220KB

.text
Size: 160KB - Virtual size: 160KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 21KB

.lib
Size: 512B - Virtual size: 220KB