316f3061603af0c40b09224889235f48

Sharing

Copy URL

Twitter E-mail

General

Target

316f3061603af0c40b09224889235f48
Size

143KB
MD5

316f3061603af0c40b09224889235f48
SHA1

3678c0b881b194c3bf42123dbc5be356267298da
SHA256

ea9c681835ae785088ef9307dbda0801edd9bf7887d9dd4fd0326b92a2bbd72e
SHA512

cf19a05438565efd2c3cbea77c48e0eb32495d549b38d8b4f28e28762ea127cb681946a645e3ef04f9539ffe02a52a6d8eea8c8d58cdc0ec9e17f9b3a7800092
SSDEEP

3072:TfqXOzP/oVSAIZsrz5fipQt3izOgyoVKnUG6BRCWCnK6IFAURT0pRcuxkD:Tf1GSANrlqpQ5gvVayDC1SFAaT0plxkD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
316f3061603af0c40b09224889235f48

Files

316f3061603af0c40b09224889235f48
.exe windows:5 windows x86 arch:x86

2e5e96b06debe3cb6434ccc021578e90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgW
GetOpenFileNameA

shlwapi

StrCpyNW
StrChrNW

user32

InflateRect
CharUpperW
SetForegroundWindow
CreateWindowExW
GetDoubleClickTime
SetSysColors
LockWindowUpdate
OemToCharBuffA
IsDialogMessageA
DeferWindowPos
AllowSetForegroundWindow
MoveWindow
GetDCEx
GetScrollPos
SetWindowPos
GetWindowLongA
DrawAnimatedRects
MessageBoxA
GetClassInfoA
SetActiveWindow
GetFocus
SetCursor
DrawTextW
CharNextExA
MessageBoxW
CharToOemBuffA
IsWindowVisible
CharNextA

kernel32

FindResourceExW
GetACP
SetCommBreak
GetProcessHeap
HeapAlloc
GetSystemDirectoryW
lstrlenW
GetModuleHandleW
EnterCriticalSection
RegisterWaitForSingleObject
GetCommTimeouts
GetTickCount
GetAtomNameA
FindCloseChangeNotification
EnumResourceNamesA
GetCommConfig
TransactNamedPipe
HeapFree
GetUserDefaultLCID

gdi32

AddFontResourceW
CreateCompatibleBitmap
GetTextExtentPointW
GetRgnBox
PtVisible
GetBkMode
Escape
CreateRectRgnIndirect
SelectClipRgn
GetTextExtentPointA
CreateHalftonePalette
Polyline
EnumFontFamiliesW

Exports

Exports

?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e5e96b06debe3cb6434ccc021578e90

Headers

File Characteristics

Imports

comdlg32

shlwapi

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 43KB - Virtual size: 43KB

.mdata Size: 12KB - Virtual size: 11KB

.data Size: 22KB - Virtual size: 126KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 43KB - Virtual size: 43KB

.mdata
Size: 12KB - Virtual size: 11KB

.data
Size: 22KB - Virtual size: 126KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB