469899da0406b3d72bd844a9eba9ba7c

Sharing

Copy URL Twitter E-mail

General

Target

469899da0406b3d72bd844a9eba9ba7c
Size

118KB
MD5

469899da0406b3d72bd844a9eba9ba7c
SHA1

b086398264b91f4cfe7c08c1b02cd384fad9921f
SHA256

197085a0a4cd9bcadedb737cbe6a99d365f9f2c6399aec5eff9955d062568363
SHA512

b060d4465a8e960b72a49425ac9000d2e26800b42858cde23f952cd348b268113d8b6256d32afa05f79b74d71310357497914241dae3753fd4e65bac78db1320
SSDEEP

3072:779cdTCBPcp4NGEFqu8xJztpg25m9YGrUb:X9MAYaqnzQh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
469899da0406b3d72bd844a9eba9ba7c

Files

469899da0406b3d72bd844a9eba9ba7c
.exe windows:5 windows x86 arch:x86

91bcccf0e3172c656323fcfe506b4314

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginDeferWindowPos
PostThreadMessageA
GetClassLongA
FindWindowA
CheckMenuRadioItem
GetMenuItemCount
GetActiveWindow
LoadStringW
GetClassInfoExW
RemovePropW
MapVirtualKeyExW
InflateRect
MessageBoxA
InternalGetWindowText
DrawAnimatedRects
LockWindowUpdate
SystemParametersInfoW
DrawStateW
RedrawWindow
PostQuitMessage
EndDialog
DialogBoxParamW
GetDC
HideCaret
EnableWindow
RegisterClassExW
GetClassInfoW
WaitMessage
GetClassInfoExA
SwitchToThisWindow

shlwapi

StrSpnW
UrlGetPartW
StrCmpW

ntdll

memset

gdi32

CreateDiscardableBitmap
DeleteObject
SetTextAlign
GetTextAlign
CreateHatchBrush
RectInRegion
CreateFontIndirectA
GetTextColor
SaveDC
GetObjectW
CreateDCW
WidenPath
RoundRect
GetTextCharsetInfo

comdlg32

PrintDlgW
ChooseColorW
FindTextW
GetOpenFileNameA
GetFileTitleW

kernel32

AreFileApisANSI
IsDBCSLeadByte
lstrlenW
IsDBCSLeadByteEx
SetCommBreak
CreateEventW
GetCurrentProcessId
UnmapViewOfFile
EnumSystemLocalesA
lstrcatA
FindClose
GetSystemDefaultUILanguage
WaitForDebugEvent
GetFullPathNameW
WaitForMultipleObjects
SetFileTime
GetOEMCP
lstrcpyA

Exports

Exports

?zosrPRWCQFPOge@@YGGE_N@Z

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91bcccf0e3172c656323fcfe506b4314

Headers

File Characteristics

Imports

user32

shlwapi

ntdll

gdi32

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 76KB

.idata Size: 7KB - Virtual size: 6KB

.data Size: 25KB - Virtual size: 149KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 76KB - Virtual size: 76KB

.idata
Size: 7KB - Virtual size: 6KB

.data
Size: 25KB - Virtual size: 149KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB