329cf5d8ea4e2c9a345d9c28741c582b

Sharing

Copy URL Twitter E-mail

General

Target

329cf5d8ea4e2c9a345d9c28741c582b
Size

176KB
MD5

329cf5d8ea4e2c9a345d9c28741c582b
SHA1

4ee5fed043f0a0d00258a3bbcca7e4a042fec712
SHA256

cffe3428ac3b3166a6be900a30250273cff3a0710c91d9840538fa948dee9970
SHA512

d8d691291043bc31fc19724b5e10c9f503bb970621abdb3ee614ec254e3dd31f1d5a4f2fb344cacab336c361ca6e0efed9fe5feafe099d69d0f41ff1439459ae
SSDEEP

3072:LfJOXPtFxvOFYlKzGRevwo7lqi9Izjn/3AC16jXA1oR+5M:LfgX7xYYJRevwop8MCMM1oR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
329cf5d8ea4e2c9a345d9c28741c582b

Files

329cf5d8ea4e2c9a345d9c28741c582b
.exe windows:4 windows x86 arch:x86

b6e231ce00e9a9c5c02cbcacb43b4894

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
SizeofResource
WideCharToMultiByte
SetEvent
ExitThread
lstrcpyA
HeapFree
FreeLibrary
CompareStringA
VirtualAllocEx
lstrcmpA
GetStdHandle
LocalFree
MulDiv
HeapDestroy
lstrcpynA
GetCurrentProcess
GetFileType
GetCurrentProcessId
LoadResource
EnumCalendarInfoA
GetLocaleInfoA
SetHandleCount
GlobalAlloc
GetStringTypeW
GlobalAddAtomA
SetEndOfFile
GetProcAddress
GetFileAttributesA
GetProcessHeap
DeleteCriticalSection
RaiseException
Sleep
GetLastError
GetUserDefaultLCID
GetThreadLocale
EnterCriticalSection
GetVersion
GetCommandLineA
GetSystemDefaultLangID
GetEnvironmentStrings
lstrcmpiA
LockResource
LocalReAlloc
FindFirstFileA
CreateEventA
SetErrorMode
MoveFileExA
GlobalFindAtomA
GetCurrentThread
SetFilePointer
CreateThread
CloseHandle
LocalAlloc
ExitProcess
GetModuleFileNameA
FormatMessageA
GetCPInfo
GetFileSize
FindResourceA
GetStringTypeA
GetLocalTime
DeleteFileA
GetVersionExA
SetLastError
VirtualAlloc
GetTickCount
GlobalDeleteAtom
GetCurrentThreadId
GetDiskFreeSpaceA
LoadLibraryExA
InitializeCriticalSection
GetModuleHandleA
CreateFileA
GetOEMCP
GetACP
WaitForSingleObject
lstrlenA
LoadLibraryA
ResetEvent
VirtualFree
ReadFile
lstrcatA
MoveFileA
SetThreadLocale
VirtualQuery

version

VerInstallFileA
GetFileVersionInfoA

msvcrt

wcschr
wcscspn
memmove
clock
swprintf
wcstol
calloc
sprintf
time
memset
_acmdln
sqrt

ole32

CreateBindCtx
StgOpenStorage
CreateOleAdviseHolder
CoTaskMemFree
CoCreateFreeThreadedMarshaler
CoUnmarshalInterface
CreateStreamOnHGlobal
CoGetContextToken

user32

EnumChildWindows
GetDlgItem
FillRect
GetSubMenu
HideCaret
TrackPopupMenu
SetWindowTextA
EndPaint
CharLowerA
GetScrollRange
GetKeyState
GetIconInfo
GetParent
DispatchMessageA
GetActiveWindow
DrawIcon
GetCursorPos
GetClientRect
EnumWindows
GetMenuItemCount
SetCursor
GetFocus
DefWindowProcA
GetLastActivePopup
GetSysColor
CreateMenu
GetCursor
DefFrameProcA
GetForegroundWindow
IsWindowVisible
ShowScrollBar
DeferWindowPos
CharToOemA
BeginPaint
CharLowerBuffA
ShowWindow
DrawIconEx
FindWindowA
GetWindow
GetPropA
GetScrollInfo
ClientToScreen
SystemParametersInfoA
DrawMenuBar
GetClassLongA
CreatePopupMenu
IsWindowEnabled
SetWindowPos
CreateIcon
GetMenu
GetKeyNameTextA
GetCapture
IsMenu
GetSysColorBrush
SetTimer
DrawFrameControl
GetScrollPos
EnableScrollBar

Sections

.CODE
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 5KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b6e231ce00e9a9c5c02cbcacb43b4894

Headers

File Characteristics

Imports

kernel32

version

msvcrt

ole32

user32

Sections

.CODE Size: 45KB - Virtual size: 45KB

BSS Size: 121KB - Virtual size: 120KB

INIT Size: 5KB - Virtual size: 73KB

.bss Size: 1024B - Virtual size: 867B

.tls Size: 2KB - Virtual size: 1KB

.CODE
Size: 45KB - Virtual size: 45KB

BSS
Size: 121KB - Virtual size: 120KB

INIT
Size: 5KB - Virtual size: 73KB

.bss
Size: 1024B - Virtual size: 867B

.tls
Size: 2KB - Virtual size: 1KB