Static task: static1
Behavioral task: behavioral1
  Sample: 315e77399b73b00b4e19a09be8bcbd9e.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 315e77399b73b00b4e19a09be8bcbd9e.exe
  Resource: win10v2004-20231215-en
General
Target: 315e77399b73b00b4e19a09be8bcbd9e
Size: 78KB
MD5: 315e77399b73b00b4e19a09be8bcbd9e
SHA1: 52595c058d3fe4f64e6ebf06de2930e4b127f501
SHA256: e117b776773bc7cea967779c6bcba40185d41e5314f812c51ede9fb33aac1d12
SHA512: e7f2421bfb0637e6b0e11cf1126331c62a0c5fdc788c359997f5edbaa63aaf565eb6874577d1d510e83ee99794288bb2e294479db7ed66bd0f694790d02b2892
SSDEEP: 1536:b6sfLOkSAToqXFfiJ42qQiQFuA7aiE2rXxKxpOhej1:JfLDSqfXe42/uW2Ewxp
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 315e77399b73b00b4e19a09be8bcbd9e
Files
315e77399b73b00b4e19a09be8bcbd9e.exe windows:5 windows x86 arch:x86
a5f9c889cc9c3f43ea5307b8452bc1f8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
FrameRect
SetWindowTextA
SetWindowPos
UnhookWindowsHookEx
PostQuitMessage
EnumWindows
EnableMenuItem
EqualRect
GetMessageA
GetSysColorBrush
GetSubMenu
GetScrollPos
GetSysColor
kernel32
ExitProcess
GetTimeZoneInformation
GetACP
GetThreadLocale
GetCurrentProcessId
GetTempPathA
VirtualAllocEx
GetOEMCP
SetUnhandledExceptionFilter
GetFileAttributesA
InterlockedExchange
FileTimeToSystemTime
RtlUnwind
GetTickCount
GetStartupInfoA
gdi32
SetViewportExtEx
FillRgn
CreateICW
GetMapMode
CopyEnhMetaFileA
DPtoLP
CreateCompatibleBitmap
SelectClipPath
ExcludeClipRect
ole32
CoInitialize
OleRun
StgOpenStorage
CoCreateInstance
CoRevokeClassObject
DoDragDrop
CoTaskMemRealloc
CoInitializeSecurity
StringFromGUID2
advapi32
RegCreateKeyA
RegQueryValueExW
CryptHashData
RegCreateKeyExW
AdjustTokenPrivileges
CheckTokenMembership
GetUserNameA
QueryServiceStatus
GetSecurityDescriptorDacl
FreeSid
msvcrt
strncpy
fflush
__initenv
_CIpow
__setusermatherr
_mbscmp
_lock
_flsbuf
strcspn
strlen
_fdopen
iswspace
fprintf
signal
puts
raise
__getmainargs
_strdup
comctl32
ImageList_Destroy
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_DrawEx
ImageList_LoadImageW
ImageList_Write
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetBkColor
ImageList_DragEnter
ImageList_LoadImageA
InitCommonControls
ImageList_SetIconSize
shell32
ExtractIconW
ShellExecuteEx
DoEnvironmentSubstW
DragAcceptFiles
ShellExecuteW
ExtractIconExW
SHGetPathFromIDList
DragQueryFileA
DragQueryFileW
CommandLineToArgvW
SHBrowseForFolderA
oleaut32
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayCreate
SafeArrayPutElement
VariantCopy
SafeArrayRedim
SysReAllocStringLen
Sections
.text Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ