38e93103093d97b7dd1524cdb0e41dbd

Sharing

Copy URL

Twitter E-mail

General

Target

38e93103093d97b7dd1524cdb0e41dbd
Size

254KB
MD5

38e93103093d97b7dd1524cdb0e41dbd
SHA1

bb3f6553dfceaa1f52ebf24b15bbac6dc2257966
SHA256

15af6b1bb41f227bd7f79870c8e572f92dc85a8cc0b083b8cc3057819ef68722
SHA512

70d0cc2a33476a7c049a179cd4684cacd8d7d33371b974e71a1c5c3a52b961fc807bccd179a91d2e6164b6aeab6232225952667cc1c186fbcc8516d1bf2d72b0
SSDEEP

6144:DQuX/N+zUuoHIjIduBGFIxMe3axVbkHVr:dX7YjWSdPd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38e93103093d97b7dd1524cdb0e41dbd

Files

38e93103093d97b7dd1524cdb0e41dbd
.exe windows:4 windows x86 arch:x86

fe3e48ecd7cb5c42c503e4676fbe2f68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
lstrlenA
lstrcmpA
GetPrivateProfileStringA
GetPrivateProfileIntA
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSection
GlobalLock
GlobalUnlock
HeapDestroy
GetCurrentProcess
LCMapStringA
FlushInstructionCache
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
VirtualAlloc
WriteFile
IsBadWritePtr
HeapCreate
GetVersionExA
VirtualFree
GetFileType
GetStdHandle
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsA
GetModuleFileNameA
FreeEnvironmentStringsW
GetOEMCP
GetACP
UnhandledExceptionFilter
HeapSize
TerminateProcess
GetCPInfo
HeapAlloc
HeapFree
HeapReAlloc
GetVersion
GetCommandLineA
ExitProcess
GetModuleHandleA
RtlUnwind
GetStartupInfoA
CloseHandle
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
GetLastError
EnterCriticalSection
ReadFile
SetFilePointer
lstrlenW
SetStdHandle
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection

user32

LoadCursorA
UpdateWindow
DispatchMessageA
SetCursor
CharNextA
GetWindowTextA
SetWindowTextA
InvalidateRgn
InvalidateRect
TranslateMessage
GetMessageA
GetWindowTextLengthA
ShowWindow
PostMessageA
wsprintfA
SetCapture
ReleaseCapture
RedrawWindow
CreateAcceleratorTableA
GetDesktopWindow
GetParent
DestroyWindow
IsWindow
GetFocus
GetClassNameA
SetWindowPos
GetDC
GetWindow
SetFocus
GetClientRect
ReleaseDC
BeginPaint
GetDlgItem
FillRect
EndPaint
CallWindowProcA
SendMessageA
GetSysColor
RegisterWindowMessageA
GetWindowLongA
SetWindowLongA
IsChild
GetClassInfoExA
PostQuitMessage
DefWindowProcA
TranslateAcceleratorA
LoadIconA
CreateWindowExA
RegisterClassExA
GetSystemMetrics
LoadAcceleratorsA

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateSolidBrush
DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
DeleteObject
GetObjectA
GetStockObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoTaskMemFree
CreateStreamOnHGlobal
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CLSIDFromString
OleInitialize
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
OleUninitialize

oleaut32

OleCreateFontIndirect
LoadRegTypeLi
SysStringLen
SysAllocString
SysAllocStringLen
DispCallFunc
VariantClear
SysFreeString

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe3e48ecd7cb5c42c503e4676fbe2f68

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 2KB