6149e2f28d8b32568b5200e81b20902d

Sharing

Copy URL

Twitter E-mail

General

Target

6149e2f28d8b32568b5200e81b20902d
Size

166KB
MD5

6149e2f28d8b32568b5200e81b20902d
SHA1

1bad5e3cc2a6e8bf0c4ef9eb6fcf65643b36de40
SHA256

8f715aa416dff7b9185566281ed37d86974047989ec1506ac01f0298f06b210f
SHA512

fb4d3050dee076e92068da14ae14403ded27a24f93497b27324a539a4b15c931eeca33cdc297732e2385180455ef2f6325b4f5f4a77c5df978dd5877219763b0
SSDEEP

3072:1QtMQLkR+Qtqstruh7lvfpGACE1kICWx5lcUgpyiVGAfzXfT//qvq:0MdPFWnGAfjeYiVZrXfr/qS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6149e2f28d8b32568b5200e81b20902d

Files

6149e2f28d8b32568b5200e81b20902d
.exe windows:4 windows x86 arch:x86

a71123f21beca0ebf7151e4aba55f675

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDesktopFolder
Shell_NotifyIconA
SHGetFolderPathA
SHGetSpecialFolderLocation

comdlg32

ChooseColorA
GetSaveFileNameA
GetFileTitleA

ole32

CoGetContextToken
CoCreateFreeThreadedMarshaler
CLSIDFromProgID
StringFromIID
CoUninitialize
PropVariantClear
CoCreateInstanceEx
CoCreateInstanceEx
CoUninitialize
MkParseDisplayName
CoCreateGuid
CoReleaseMarshalData
StringFromIID
CoRevokeClassObject
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CreateOleAdviseHolder
CoUninitialize
CreateBindCtx
StgOpenStorage
CreateStreamOnHGlobal
ReleaseStgMedium
CoGetObjectContext
MkParseDisplayName
OleCreateStaticFromData
CreateBindCtx
CoRevokeClassObject
CoRegisterClassObject

oleaut32

SysReAllocStringLen
SafeArrayGetUBound
GetErrorInfo
VariantCopyInd
SysFreeString
RegisterTypeLib
OleLoadPicture
SafeArrayUnaccessData
SafeArrayGetElement

kernel32

FindFirstFileA
VirtualAlloc
GetStringTypeW
LoadLibraryA
GetModuleHandleA
LocalReAlloc
GetVersionExA
GetStartupInfoA
ExitThread
SetFilePointer
ExitProcess
GetProcAddress
LoadLibraryA
GetProcAddress
MulDiv
InitializeCriticalSection
GetDateFormatA
GetUserDefaultLCID
FindResourceA
LocalFree
GetStringTypeA
GetDiskFreeSpaceA
GetFileAttributesA
GetCPInfo

gdi32

SetTextColor
GetObjectA
GetRgnBox
CreateBrushIndirect
GetDIBits
BitBlt

advapi32

RegEnumKeyExA
RegEnumValueA

user32

RegisterClipboardFormatA
IsDialogMessageW
DefWindowProcA
CallWindowProcA
RedrawWindow
IsIconic
ChildWindowFromPoint
DrawIconEx
ShowScrollBar
SetPropA
PeekMessageA
SetWindowLongA
SetCapture
SetScrollRange
GetWindowTextA
CheckMenuItem
PtInRect
CharUpperBuffA
GetSystemMetrics
GetCursorPos
SetWindowTextA
OemToCharA
SetFocus
GetSubMenu
MapWindowPoints
GetClientRect
SetScrollPos
TranslateMessage
TrackPopupMenu
PeekMessageW
GetWindow
GetFocus
MsgWaitForMultipleObjects
GetMenuState
SetClipboardData
IsWindowUnicode
SendMessageA
GetMenuItemID
BeginPaint
GetKeyboardLayoutNameA
GetMessagePos
LoadCursorA
SetScrollInfo
DestroyIcon
wsprintfA
CloseClipboard
EqualRect
FillRect
SetForegroundWindow
IsWindowVisible
IsChild
DrawTextA
CharLowerA
GetWindowPlacement
SetMenuItemInfoA
InflateRect
LoadIconA
DrawEdge
IsRectEmpty
RemovePropA
CreateMenu
IsWindowEnabled
SetWindowPlacement
GetScrollInfo
OpenClipboard
ScreenToClient
TranslateMDISysAccel
GetClassNameA
GetDesktopWindow
GetDlgItem
ShowWindow
CharNextW
IsDialogMessageA
FindWindowA
WaitMessage
CreatePopupMenu
EnumWindows
UnregisterClassA
SetWindowsHookExA
SetWindowPos
InsertMenuItemA
GetMenuStringA
GetCapture
InvalidateRect
GetKeyboardLayout
DefFrameProcA
IsZoomed
SetRect
DrawAnimatedRects
CharToOemA
GetPropA
CharNextA
LoadStringA
GetKeyNameTextA
GetParent
GetClipboardData
GetMenu
DeleteMenu
SetTimer
DefMDIChildProcA
ShowOwnedPopups
PostQuitMessage
MapVirtualKeyA
GetDC
CreateIcon
GetCursor
DrawIcon
ScrollWindow
GetClassInfoA
EnableWindow
DrawMenuBar
GetWindowLongA
SetClassLongA
GetActiveWindow

msvcrt

clock
strncmp
pow
malloc
log
srand
log10
memmove

shlwapi

PathIsContentTypeA
SHStrDupA
SHQueryInfoKeyA
PathGetCharTypeA
PathFileExistsA
SHGetValueA
SHSetValueA
SHEnumValueA

comctl32

ImageList_Write
ImageList_Create
ImageList_GetBkColor
ImageList_Read
ImageList_Remove
ImageList_Add

version

VerQueryValueA
VerInstallFileA

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a71123f21beca0ebf7151e4aba55f675

Headers

File Characteristics

Imports

shell32

comdlg32

ole32

oleaut32

kernel32

gdi32

advapi32

user32

msvcrt

shlwapi

comctl32

version

Sections

.text Size: 31KB - Virtual size: 30KB

.idata Size: 512B - Virtual size: 68KB

.edata Size: 133KB - Virtual size: 132KB

.text
Size: 31KB - Virtual size: 30KB

.idata
Size: 512B - Virtual size: 68KB

.edata
Size: 133KB - Virtual size: 132KB