386173469fec85726bb20544db30a1d0

Sharing

Copy URL Twitter E-mail

General

Target

386173469fec85726bb20544db30a1d0
Size

491KB
MD5

386173469fec85726bb20544db30a1d0
SHA1

5f08abd1a3278acec1ccb9b5fff9a0e268749bef
SHA256

c6484cc9a25e36ac1be38fa1d95d8be0bb052c2fc120e34886a494b47988df97
SHA512

142a10a98117e0c5bc1f1bf6d8499644b83349796fcefc8461b03c8949c5943472f0ebce18d879b4baabdac02b967d3d4187beae0e5ffb7984e6097c0bef533c
SSDEEP

12288:MUh4N1jNZLa8DPWTkpzymjt5kgwuL7toD:Mc4TjtCkpzymh5Aul

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386173469fec85726bb20544db30a1d0

Files

386173469fec85726bb20544db30a1d0
.exe windows:4 windows x86 arch:x86

f0647af2317902779b58f248949f2c9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
GetStartupInfoW
EnumTimeFormatsW
GetTempPathW
GetLastError
FillConsoleOutputCharacterA
HeapAlloc
TlsSetValue
SetEnvironmentVariableA
IsDebuggerPresent
SetUnhandledExceptionFilter
SetConsoleOutputCP
SetCriticalSectionSpinCount
EnumSystemLocalesA
MultiByteToWideChar
SetConsoleCtrlHandler
WriteFile
GetModuleFileNameW
GetOEMCP
WritePrivateProfileSectionW
LCMapStringW
GetACP
GetStartupInfoA
GetCPInfo
GetMailslotInfo
GetStringTypeW
SetLastError
GetLocaleInfoW
GetProcAddress
FindResourceExW
GetLocaleInfoA
TlsFree
WaitForDebugEvent
FreeLibrary
GetProcessHeap
GetTimeFormatA
VirtualQuery
InterlockedIncrement
TlsAlloc
IsValidLocale
EnterCriticalSection
GetUserDefaultLCID
SetHandleCount
GetFileType
HeapReAlloc
InterlockedDecrement
ExitProcess
CopyFileA
GetEnvironmentVariableW
VirtualAlloc
TlsGetValue
QueryPerformanceCounter
GetCurrentProcess
HeapDestroy
GetModuleHandleA
GetCurrentThread
GetVersionExA
HeapCreate
GetCurrentThreadId
LCMapStringA
VirtualFree
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCurrentProcessId
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsA
GetDateFormatA
GetTickCount
GetStringTypeA
CompareStringA
GetCommandLineW
LeaveCriticalSection
IsValidCodePage
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedExchange
InitializeCriticalSection
SetCurrentDirectoryA
DeleteFileA
GetEnvironmentStringsW
WideCharToMultiByte
GetStdHandle
GetTimeZoneInformation
HeapFree
TerminateProcess
LoadLibraryA
LocalCompact
Sleep
UnhandledExceptionFilter
DeleteCriticalSection

comdlg32

ReplaceTextW
GetFileTitleA
GetSaveFileNameW
FindTextA
PageSetupDlgA
ChooseColorA
PrintDlgA
FindTextW
ChooseFontW
PrintDlgW
GetOpenFileNameA
ChooseColorW

shell32

DragQueryFileA
ExtractAssociatedIconW
SheChangeDirA
SHBrowseForFolder
SHGetFileInfo
SHGetDataFromIDListW
InternalExtractIconListA
SHGetDiskFreeSpaceA
DragAcceptFiles
SHGetFileInfoW
SHLoadInProc
ShellHookProc
SHFormatDrive
SHGetSpecialFolderLocation
ShellExecuteA
SheChangeDirExW
SHGetSettings
SHFileOperationA
SHInvokePrinterCommandW
SHGetPathFromIDListA
DragFinish

gdi32

LineDDA
UpdateICMRegKeyW
CreateFontW

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0647af2317902779b58f248949f2c9a

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

gdi32

Sections

.text Size: 167KB - Virtual size: 167KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 167KB - Virtual size: 167KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 9KB - Virtual size: 8KB