3042850b88b8bc892e399cf0b5604bec

Sharing

Copy URL Twitter E-mail

General

Target

3042850b88b8bc892e399cf0b5604bec
Size

129KB
MD5

3042850b88b8bc892e399cf0b5604bec
SHA1

8bc99f101e688c560ff47d42c9e73b6c2d9f5031
SHA256

98c49575e289ea4079b4236bfe0c4a7dc06a1afb3e00df5f54275e786c80446e
SHA512

daa7d5dba425766d8c220419e2a5b810ccbe9a29b5165ed492c540eadfeb020dc09885bed518a7e8b81f60c4018a56def2b51aedf783a46aba2867c34fe3a018
SSDEEP

3072:aj41hjIrF5r693/FOf7qr4T+oHnWhYtT2r/5VJO:Gd5r6l/0mrenttirB6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3042850b88b8bc892e399cf0b5604bec

Files

3042850b88b8bc892e399cf0b5604bec
.exe windows:4 windows x86 arch:x86

08978a9a998963dabace108f79d60670

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BitBlt
CreateBrushIndirect
SelectObject

kernel32

ResetEvent
ExitProcess
GlobalAddAtomA
VirtualAllocEx
lstrcmpA
GetCurrentProcess
LocalReAlloc
GetLocalTime
InitializeCriticalSection
Sleep
GetCurrentThread
LocalFree
lstrcpyA
CreateFileA
IsBadReadPtr
CreateEventA
SetEvent
GetVersionExA
LoadLibraryA
SetFilePointer
RaiseException

comdlg32

FindTextA
ChooseColorA
GetSaveFileNameA
GetFileTitleA

ole32

MkParseDisplayName
GetHGlobalFromStream
StringFromIID
CLSIDFromString
CoUnmarshalInterface
ReleaseStgMedium
CoDisconnectObject
CoFreeUnusedLibraries
CoGetObjectContext
CoCreateInstanceEx

user32

IsDialogMessageW
ShowOwnedPopups
GetIconInfo
DeleteMenu
IsWindowUnicode
GetTopWindow
GetMenuItemID
GetClassNameA
RegisterWindowMessageA
SetScrollInfo
GetWindowRect
DrawMenuBar
GetWindowLongA
GetCursorPos
GetSysColorBrush
PostQuitMessage
GetSystemMenu
ActivateKeyboardLayout
GetWindowTextA
CheckMenuItem
GetMenuStringA
CharUpperBuffA
IsDialogMessageA
LoadStringA
SetRect
GetCursor
GetWindowDC
IsIconic
IsZoomed
SetWindowTextA
GetDlgItem
CharNextA
GetPropA
IsMenu
SetWindowsHookExA
EnableMenuItem
CreateWindowExA
LoadKeyboardLayoutA
GetDCEx
DrawAnimatedRects
MoveWindow
RegisterClipboardFormatA
GetScrollInfo
GetKeyboardLayoutNameA
DrawEdge
ReleaseDC
CharToOemA
CloseClipboard
GetKeyState
CharLowerA
InsertMenuA
DrawIcon
TrackPopupMenu
DrawIconEx
EmptyClipboard
GetWindow
RegisterClassA
SetWindowLongA
GetActiveWindow
SendMessageW
SetMenuItemInfoA
LoadIconA
SetMenu
IsWindowVisible
GetKeyNameTextA
SetTimer
GetMenuItemInfoA
FrameRect
GetClipboardData
GetFocus
WaitMessage
GetMenu
ReleaseCapture
DispatchMessageW
GetDC
RemovePropA
BeginPaint
EqualRect
SetClassLongA
GetScrollRange
DefFrameProcA
PostMessageA
GetKeyboardLayout
CallWindowProcA
GetWindowTextLengthA
PeekMessageW
SystemParametersInfoA
MapVirtualKeyA
TranslateMDISysAccel
LoadCursorA
SetCapture
ChildWindowFromPoint
IsChild
GetScrollPos
GetSubMenu
FindWindowA
SetScrollPos
GetMenuItemCount
DefMDIChildProcA
GetSysColor
OffsetRect
SetWindowPlacement
UpdateWindow
OemToCharA
InflateRect
SetActiveWindow
SendMessageA
DestroyCursor
RemoveMenu
EnableScrollBar
SetParent
CharNextW

Exports

Exports

d4wXqp4ptFcWil
_WZcGI6s55FVwLQ
_g2Lvzw867MZqYL@16
_2dbYV9xOLWwX

Sections

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08978a9a998963dabace108f79d60670

Headers

File Characteristics

Imports

gdi32

kernel32

comdlg32

ole32

user32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 112KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 112KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 1024B - Virtual size: 4KB