32a5114299ec6ecca3d1136cc7fba21a

Sharing

Copy URL Twitter E-mail

General

Target

32a5114299ec6ecca3d1136cc7fba21a
Size

31KB
MD5

32a5114299ec6ecca3d1136cc7fba21a
SHA1

c27f5efd0d520970d0d100c15a93473dea02d50e
SHA256

791728cbff610a740519a1cb967803e3c74bb074c8b85bf24972ca2f06ba84ee
SHA512

2ca1bc00f743e8cef1a23dd52d921b62aa8d9b2b3b72c2e9f633fe4f1c7062d6cac555563e6f5d3f119387edf70226a211cdda7cebf0065c224615f1bcbbc292
SSDEEP

384:S1wEfd7FYdws/xNQtp1qy7t18/ojjJwQKsKW+Pr89rCDdssdXTHJGHhyQQId1/VG:fs7FsZNQbB5/j9wQQ+YXTHJYdQId1PE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32a5114299ec6ecca3d1136cc7fba21a

Files

32a5114299ec6ecca3d1136cc7fba21a
.exe windows:4 windows x86 arch:x86

401283c877679745280157bd63674489

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
VirtualFree
GetVersionExA
FreeLibrary
GetCurrentThreadId
GetCurrentProcessId
FreeLibrary
InitializeCriticalSection
CloseHandle
GetCommandLineW
VirtualFree
VirtualProtect
lstrcpyW
EnterCriticalSection
lstrcmpiW
LoadLibraryA
InterlockedDecrement
WideCharToMultiByte
GetProcAddress
HeapDestroy
TerminateProcess
GetStartupInfoW
GetACP
VirtualAlloc
GetCommandLineA
GetStartupInfoW
CreateThread
InterlockedIncrement
InterlockedDecrement
CreateThread
HeapDestroy
InterlockedIncrement
HeapAlloc
SetEvent
HeapFree
GetCommandLineA
LeaveCriticalSection
GetModuleHandleA
lstrcmpiW
LeaveCriticalSection
GetCommandLineW
GetCurrentProcess
GetCommandLineW
SetEvent
LocalAlloc
GetCurrentThreadId
GetACP
VirtualProtect
WideCharToMultiByte
GetCurrentThreadId
UnhandledExceptionFilter
GetStartupInfoW
GetCurrentThreadId
VirtualProtect
GetCommandLineW
VirtualProtect
InitializeCriticalSection
GetProcAddress
VirtualProtect
VirtualProtect
GetCommandLineW
CreateThread
MultiByteToWideChar
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
CloseHandle
VirtualProtect
GetProcAddress
CloseHandle
HeapReAlloc
GetModuleHandleA
GetSystemTimeAsFileTime
VirtualFree
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
InitializeCriticalSection
GetStartupInfoA
HeapFree

user32

TranslateAcceleratorW
GetClientRect
PostQuitMessage
LoadBitmapW
PeekMessageW
MessageBoxA
SetRect
DrawIcon
SetWindowPos
EnumWindows
SetWindowLongA
SendDlgItemMessageW
KillTimer
GetThreadDesktop
FindWindowW
GetSubMenu
GetForegroundWindow
GetDlgItemTextW
GetClassNameW
DrawIcon
LoadStringW
WinHelpW
RegisterClipboardFormatW
GetProcessWindowStation
DeferWindowPos
PostQuitMessage
SetWindowPos
EnumWindows
GetUserObjectInformationW
FindWindowW
MsgWaitForMultipleObjects
SetDlgItemTextA
MessageBoxW
LoadCursorW
CreateDialogParamW
MoveWindow
MsgWaitForMultipleObjects
TranslateAcceleratorW
GetFocus
IsDlgButtonChecked
GetMessageA
ReleaseCapture
DeleteMenu
GetMessageA
GetThreadDesktop
GetDlgItemTextW
GetLastActivePopup
GetWindowThreadProcessId
GetActiveWindow
SetCapture
SetWindowLongA
GetFocus
GetSystemMetrics
IntersectRect
CloseWindowStation
EndDeferWindowPos
BringWindowToTop
RegisterClassA
ShowWindow
SystemParametersInfoA
WinHelpW
GetParent
GetWindowThreadProcessId
GetKeyState
GetCursorPos
PostMessageA
DefWindowProcW
LoadStringW
SetDlgItemTextA
GetWindowTextW
SetDlgItemTextA
GetDesktopWindow
RegisterWindowMessageW
DefWindowProcW
DefWindowProcA
CreatePopupMenu
PostMessageW

gdi32

Rectangle
SetWindowExtEx
DeleteDC
LineTo
CreateCompatibleBitmap
GetTextExtentPointW
LineTo
RestoreDC
GetStockObject
CreateBitmap
SetStretchBltMode
DeleteObject
SetStretchBltMode
DeleteObject
DeleteDC
SetBkMode
SetBkColor
GetTextExtentPoint32W
SelectObject
SetTextAlign
GetObjectW
SaveDC
SetBkColor
SetMapMode
GetDeviceCaps
TextOutW
MoveToEx
GetObjectA
GetTextExtentPoint32W
GetObjectA
CreateSolidBrush
SetMapMode
GetTextMetricsW
Rectangle
GetStockObject
SetTextColor
GetTextMetricsW
SetTextColor
CreateRectRgn
TextOutW
GetTextExtentPoint32W
ExtTextOutW
StretchBlt
SaveDC
Rectangle
CreatePatternBrush
CreatePatternBrush
GetDeviceCaps
DeleteDC
TranslateCharsetInfo
CreateCompatibleBitmap
GetStockObject
GetDeviceCaps
TranslateCharsetInfo
SetBkMode
CreatePatternBrush
RealizePalette
SetTextColor
DeleteObject
SetTextColor
CreatePen
CreatePen
BitBlt
SetBkColor
DeleteObject
GetStockObject
CreateSolidBrush
CreateBitmap
DeleteObject
TextOutW
LineTo
GetTextMetricsW
CreateSolidBrush
GetDeviceCaps
GetTextExtentPoint32W
CreateBitmap
ExtTextOutW
SetTextColor
DeleteObject

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

401283c877679745280157bd63674489

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 6KB - Virtual size: 8KB

.data Size: 7KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 8KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 6KB - Virtual size: 8KB

.data
Size: 7KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 10KB - Virtual size: 12KB