739ce2230ae6d9d39a0f93c0b9562ad3

Sharing

Copy URL Twitter E-mail

General

Target

739ce2230ae6d9d39a0f93c0b9562ad3
Size

217KB
MD5

739ce2230ae6d9d39a0f93c0b9562ad3
SHA1

1a0c5aefa4373810978a626239f32b38448a01c3
SHA256

ea624e4fa40f15fa41dba5f4fcb044bae080ac515ece7935fdc149b610cc23cb
SHA512

11fc1a61a30f51bd3a9dcfddd18d4d99eb813e55ec7accfbdce1a839e71ce4c2cd5080a57b61b8b558ca29a6f95cf247739ec98c41e1bdd95ff62e9f3ff1b3f1
SSDEEP

6144:QaxzMxEC1ezJthEiSMjx12VA3Pk6NW96DS:QGwPeHHfjX2Ver+T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
739ce2230ae6d9d39a0f93c0b9562ad3

Files

739ce2230ae6d9d39a0f93c0b9562ad3
.exe windows:5 windows x86 arch:x86

c5a32abc9b3151f73f9619ce1d2684e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
free
__p__fmode
__p__commode
_amsg_exit
atoi
_initterm
_acmdln
strrchr
exit
wcscmp
wcscat
ungetc
_ismbblead
_XcptFilter
fwrite
_exit
_cexit
__setusermatherr
rand
fseek
__getmainargs
malloc

gdi32

DeleteDC
SetViewportOrgEx
SetMapMode
SetTextAlign
RestoreDC
GetSystemPaletteUse
EndDoc
SetBkMode
StretchBlt
GetCurrentObject
EnumFontFamiliesW
GetTextExtentExPointW
CreateRectRgn
SetViewportExtEx

kernel32

GetWindowsDirectoryW
HeapSize
SetCommBreak
LockResource
GlobalFlags
lstrcatW
LocalSize
GetFileType
GetModuleFileNameA
lstrcmpiW
GetCurrentThread
lstrcpyW
GetStartupInfoA
lstrcpynW
GetSystemDirectoryW
SetThreadPriority

comdlg32

CommDlgExtendedError
GetSaveFileNameW

user32

IsZoomed
SetWindowRgn
GetKeyState
AppendMenuA
IsDialogMessageW
SendDlgItemMessageA
KillTimer
CheckMenuItem
InvertRect
SetTimer
RegisterClassA
ChildWindowFromPointEx
GetMonitorInfoW
GetClassLongA
GetKeyboardType
GetMenu
MessageBoxW
GetSubMenu
InsertMenuItemW
RegisterWindowMessageA
LoadStringW
RegisterHotKey
GetUserObjectInformationW
LoadBitmapA
ScrollWindowEx
SetRectEmpty
SetRect
GetScrollRange
CreatePopupMenu
CheckMenuRadioItem
DrawStateW
ShowWindowAsync
ScrollWindow
AllowSetForegroundWindow

Exports

Exports

?CreateEventJUDhfjkldf@@YGKEPA_WG@Z

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diag_x
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.div
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diag_y
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imul
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.plus
Size: 1024B - Virtual size: 594B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.minus
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5a32abc9b3151f73f9619ce1d2684e9

Headers

File Characteristics

Imports

msvcrt

gdi32

kernel32

comdlg32

user32

Exports

Exports

Sections

.text Size: 174KB - Virtual size: 173KB

.idat Size: 512B - Virtual size: 380B

.diag_x Size: 512B - Virtual size: 28B

.data Size: 2KB - Virtual size: 2KB

.div Size: 2KB - Virtual size: 1KB

.diag_y Size: 512B - Virtual size: 73B

.imul Size: 512B - Virtual size: 150B

.plus Size: 1024B - Virtual size: 594B

.minus Size: 512B - Virtual size: 140B

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 174KB - Virtual size: 173KB

.idat
Size: 512B - Virtual size: 380B

.diag_x
Size: 512B - Virtual size: 28B

.data
Size: 2KB - Virtual size: 2KB

.div
Size: 2KB - Virtual size: 1KB

.diag_y
Size: 512B - Virtual size: 73B

.imul
Size: 512B - Virtual size: 150B

.plus
Size: 1024B - Virtual size: 594B

.minus
Size: 512B - Virtual size: 140B

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 2KB - Virtual size: 1KB