61848e184d63969a7f1f56c7ab922130

Sharing

Copy URL Twitter E-mail

General

Target

61848e184d63969a7f1f56c7ab922130
Size

201KB
MD5

61848e184d63969a7f1f56c7ab922130
SHA1

06c5041a41696b4985a77effb02fc6d9d803a054
SHA256

4f8714b402ed1c73b3e98eb7889f79e2f2cac74e7aa1dfbe492f8b3587a33ee9
SHA512

3ec587400e4af6f743ea54d65e4010f01016365048fe8e3ef4778242a3b04124b032b588ec5d9b15a661718391b22a07e7890284bc68503a652f0dab7dd2f995
SSDEEP

3072:59x+BaOwwtKLSRLKfCZD+gTWvJXxeLzrMbzd68lTcSGI3EW60rlUJie+fGH9jdT:5WBb7tlZD+gTatxFbVcUEWOJH+fGHNF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61848e184d63969a7f1f56c7ab922130

Files

61848e184d63969a7f1f56c7ab922130
.exe windows:4 windows x86 arch:x86

1e05ea40c7fdee66b0a534fae5367740

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
InterlockedExchange
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
GetCPInfo
GetLocaleInfoA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetStartupInfoA
GetCommandLineA
GetVersionExA
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
LCMapStringW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime

user32

MessageBoxA
DrawStateA
DestroyMenu
SetParent
SendNotifyMessageW
LoadBitmapA
GetOpenClipboardWindow
LoadMenuW

comctl32

ord15
ImageList_SetBkColor
ImageList_Copy
ImageList_GetImageRect
ord14
DrawStatusTextW
ImageList_GetDragImage
ImageList_GetIconSize
CreatePropertySheetPageA

shlwapi

PathUnmakeSystemFolderA
SHEnumKeyExA
PathMakePrettyW
SHOpenRegStreamW
StrTrimW
PathFindFileNameA
StrCSpnA
PathGetCharTypeA
PathRemoveExtensionW
UrlIsNoHistoryW
StrRChrA
PathFindNextComponentW
StrSpnA
SHDeleteEmptyKeyW
PathCanonicalizeA
PathIsDirectoryW

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e05ea40c7fdee66b0a534fae5367740

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comctl32

shlwapi

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 31KB - Virtual size: 390KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 31KB - Virtual size: 390KB

.rsrc
Size: 3KB - Virtual size: 3KB