29187a806eb3625d249c4c5538542605

General

Target

29187a806eb3625d249c4c5538542605
Size

150KB
MD5

29187a806eb3625d249c4c5538542605
SHA1

6e549ee72a61c312fa6205d547a087dbf243ab09
SHA256

bdc85b56e87da9b5190832a9a69ef4fbc40963fec16002991326794daafab537
SHA512

7b55aa72a659b0aa33fe257558e31bb654c4c682c80b42ba0b6818b605ca1b178908b7341150dc4bf08190095e5099163ea8aabee2a21ec904ad8fbae1cf46c0
SSDEEP

3072:qziraH0Qomk4ZjS6UF0qDCzd7PWzfy0hw1zalnOm:KirxQjPZjSP0qDud7PWzfRczalnOm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29187a806eb3625d249c4c5538542605

Files

29187a806eb3625d249c4c5538542605
.exe windows:4 windows x86 arch:x86

089d21b2d48272184f5a64b848ee1b12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetRgnBox
CreatePalette
GetBitmapBits
SelectPalette
BitBlt
SetBkMode
SelectObject

ole32

CoUnmarshalInterface
CoRegisterClassObject
CoRevokeClassObject
CoDisconnectObject
PropVariantClear

shlwapi

PathIsContentTypeA
PathGetCharTypeA

advapi32

RegQueryInfoKeyA

comctl32

ImageList_DrawEx
ImageList_Add

oleaut32

SafeArrayGetUBound
SysReAllocStringLen

user32

GetClientRect
GetClipboardData
GetFocus
GetClassInfoA
DefMDIChildProcA
GetClassLongA
EnableScrollBar
DrawEdge
GetCapture
EnumChildWindows
GetDesktopWindow
GetCursor
IsWindowEnabled

version

VerInstallFileA

shell32

DragQueryFileA
SHGetFolderPathA
SHGetSpecialFolderLocation
SHFileOperationA

kernel32

EnterCriticalSection
HeapDestroy
GetLastError
Sleep
GetOEMCP
HeapFree
VirtualAllocEx
GetModuleHandleA
ExitProcess
LoadLibraryExA
GetCurrentProcess
lstrlenA
GetVersionExA

msvcrt

fabs
memmove
asin
memcpy

Sections

CODE
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 115KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

089d21b2d48272184f5a64b848ee1b12

Headers

File Characteristics

Imports

gdi32

ole32

shlwapi

advapi32

comctl32

oleaut32

user32

version

shell32

kernel32

msvcrt

Sections

CODE Size: 34KB - Virtual size: 33KB

.idata Size: 115KB - Virtual size: 186KB

.edata Size: 512B - Virtual size: 144B

CODE
Size: 34KB - Virtual size: 33KB

.idata
Size: 115KB - Virtual size: 186KB

.edata
Size: 512B - Virtual size: 144B