38e1bc2a7d685d376e483a3bcfb90da4

Sharing

Copy URL Twitter E-mail

General

Target

38e1bc2a7d685d376e483a3bcfb90da4
Size

23KB
MD5

38e1bc2a7d685d376e483a3bcfb90da4
SHA1

c9ed191c8ccc20607e961b12606ed16a4a8f3b91
SHA256

8184014fa3534bececf5112033a466420471257f1ac1a141577564a26b866c11
SHA512

c1729fcbdf6c38c72d30d8eafe421473f749380fce9959b4eb31354ba47035917fd07fe122754b8444d5b88232cba47d14aea7c48ca088a7dd0a5483c645ff87
SSDEEP

384:PN6yeonbUkFDD51YqsVon9eZjp32nyy21jHptplBtNDl1ToFGm:V68nbUmfzwon9eZF2nyD1vVNxNIGm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38e1bc2a7d685d376e483a3bcfb90da4

Files

38e1bc2a7d685d376e483a3bcfb90da4
.exe windows:4 windows x86 arch:x86

0d6ef5cdf24433af79d061dddfc3aea4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
CreateDirectoryA
GetWindowsDirectoryA
FindClose
FindFirstFileA
RemoveDirectoryA
GetTempPathA
GetShortPathNameA
GetModuleFileNameA
WideCharToMultiByte
lstrlenW
lstrcmpiA
SetLastError
CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
Sleep
GetTickCount
TerminateProcess
WaitForSingleObject
lstrcatA
lstrcpyA
ResumeThread
SetPriorityClass
GetCurrentProcess
lstrlenA
SetThreadPriority
CreateProcessA
GetTempFileNameA
MultiByteToWideChar
HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetModuleHandleA
GetStartupInfoA
ExitProcess
DebugBreak
HeapReAlloc
HeapFree
LocalFree
GetLastError
FormatMessageA
OpenProcess
GetFileAttributesA
GetCurrentThread
DeleteFileA

user32

MapWindowPoints
GetClientRect
SystemParametersInfoA
CallWindowProcA
GetWindowRect
GetWindow
GetParent
GetSystemMetrics
CreateWindowExA
SetWindowPos
GetWindowLongA
DestroyWindow
SetWindowLongA
GetWindowTextLengthA
GetWindowTextA
PostMessageA
FindWindowA
SetForegroundWindow
SendMessageA
GetMessageA
PeekMessageA
IsWindow
GetWindowThreadProcessId
SendMessageTimeoutA
LoadCursorA
RegisterClassExA
CreateDialogParamA
wsprintfA
SetWindowTextA
ShowWindow
DefWindowProcA
UpdateWindow
GetClassInfoExA
GetDlgItem
CharNextA
PostQuitMessage
MessageBoxA
DispatchMessageA

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegQueryInfoKeyA
RegCloseKey

shell32

ShellExecuteA

ole32

StringFromGUID2
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocStringLen
VariantClear

setupapi

SetupFindNextLine
SetupFindFirstLineA
SetupGetStringFieldA
SetupSetDirectoryIdA
SetupCloseInfFile
SetupOpenInfFileA
SetupDefaultQueueCallbackA
SetupTermDefaultQueueCallback
SetupInstallFromInfSectionA
SetupInitDefaultQueueCallbackEx
SetupCloseFileQueue

wininet

InternetGetConnectedState
InternetQueryOptionA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d6ef5cdf24433af79d061dddfc3aea4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

setupapi

wininet

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB