58c119b437c098d87d4e46b8639365c6

Sharing

Copy URL Twitter E-mail

General

Target

58c119b437c098d87d4e46b8639365c6
Size

136KB
MD5

58c119b437c098d87d4e46b8639365c6
SHA1

17e770b7daf0824ec44b67b7752253035dc87a7e
SHA256

5ba0528f4994b23319286aa42ea0575d51ae6d4b34812dc60cfc77eb6f1c56d9
SHA512

fef090b35705c821e71be8f1e7eb19ded67859dcba33efca4f14ac39ed8718b4f8988de0f54ef376b50c6794cc83f35017d12ce4c0162313c88ce230dae32182
SSDEEP

3072:DyMJKe8GDokcp6RfQ2rFH4Vb88uvfR77Hxw70CG5j45ON1I:BodYtwzuXF7RVx5j45g1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58c119b437c098d87d4e46b8639365c6

Files

58c119b437c098d87d4e46b8639365c6
.exe windows:4 windows x86 arch:x86

226776bc7dfe99392eb364227f9888e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
DeleteFileA
LocalFileTimeToFileTime
EnumCalendarInfoA
GetStringTypeExA
GetOEMCP
GetStartupInfoA
GetCPInfo
DisableThreadLibraryCalls
IsBadCodePtr
SetLastError
GetUserDefaultLangID
GetModuleHandleA
MulDiv
GetModuleFileNameW

msvcrt

__getmainargs
_acmdln
__p__commode
exit
towlower
qsort
_adjust_fdiv
strlen
strncat
log10
_except_handler3
_open
malloc
__lc_codepage
_initterm
__setusermatherr
_controlfp
strncpy
_XcptFilter
__set_app_type
_open_osfhandle
__p__fmode

oleaut32

GetErrorInfo
SafeArrayPtrOfIndex
GetActiveObject
VariantClear
SysAllocStringLen
SafeArrayGetElement
SysAllocStringByteLen
SysStringLen

gdi32

OffsetViewportOrgEx
CreateEnhMetaFileA
GetDCOrgEx
SetArcDirection
EndPage
CreateEllipticRgn
GetTextColor
EnumFontFamiliesExW
EndPath
StrokePath
SetMapMode

version

GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoSizeW
VerLanguageNameA
VerInstallFileA

user32

DrawIconEx
SetCursor
IsWindowEnabled
GetDesktopWindow
CallNextHookEx
GetClientRect
GetWindowThreadProcessId
IsRectEmpty
LoadBitmapA

comctl32

CreatePropertySheetPageA
ImageList_DragShowNolock
ImageList_Add
ImageList_GetIcon
ImageList_DrawEx
ImageList_Draw
InitCommonControls
InitCommonControlsEx
ImageList_Create
CreateToolbarEx
ImageList_SetDragCursorImage
PropertySheetW

shell32

DragFinish
SHGetMalloc
SHGetPathFromIDListA
DragQueryFileW
SHCreateDirectoryExA
CommandLineToArgvW
ExtractIconExW
DragAcceptFiles
ShellExecuteExW
ExtractIconA
SHFileOperationA
Shell_NotifyIconW

ole32

CoCreateGuid
CreateStreamOnHGlobal
CreateItemMoniker
CoTaskMemFree
StringFromGUID2
CoGetInterfaceAndReleaseStream
CoRevokeClassObject

advapi32

GetTokenInformation
DeregisterEventSource
EqualSid

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

226776bc7dfe99392eb364227f9888e5

Headers

File Characteristics

Imports

kernel32

msvcrt

oleaut32

gdi32

version

user32

comctl32

shell32

ole32

advapi32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 99KB - Virtual size: 99KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 99KB - Virtual size: 99KB