7188399ca8a10d35cf47ba3cc63ac0dc

Sharing

Copy URL Twitter E-mail

General

Target

7188399ca8a10d35cf47ba3cc63ac0dc
Size

288KB
MD5

7188399ca8a10d35cf47ba3cc63ac0dc
SHA1

d9236e8a79da6eeea8e2020b7573186050e017af
SHA256

dc568b49836f0ae5b7e393cffe2999a2f816004ba0888d6ccb4e68acc7365ca0
SHA512

d9c23029329ed2f2bbf2735406e767e336a1f051a125535f0757b0440ec83463a30bb8fd463d22648f6f4c22e06160d90fb7fe1a3d282e36a5a2e6eda6f71df2
SSDEEP

3072:I5aWYrlQO+WvSKAAG6NdprI3M4rRtNqq/2z9pZRfvjcKieTLQ45v8cwr6WVSV59C:tlZhvGzl4zBRTU4R8Hr6WVo9TYam+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7188399ca8a10d35cf47ba3cc63ac0dc

Files

7188399ca8a10d35cf47ba3cc63ac0dc
.exe windows:5 windows x86 arch:x86

0247c0fea7d0fb9aa4719a377e02bfb9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowCursor
CreateAcceleratorTableA
SetCursorPos
GetMenu
InflateRect
DrawFocusRect
TranslateMessage
GetUpdateRect
DialogBoxParamW
SetMenuItemBitmaps
GetKeyState
SetCursor
GetWindowLongA
TileChildWindows
SendMessageTimeoutW
mouse_event
CreatePopupMenu
RemoveMenu
SetWindowPlacement
GetPropW
ModifyMenuA
RedrawWindow
InsertMenuW
LoadStringW
EnableScrollBar

comdlg32

ReplaceTextW
ChooseFontW
FindTextW
GetSaveFileNameA
PageSetupDlgW
CommDlgExtendedError
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
PrintDlgExW

kernel32

MultiByteToWideChar
GetTimeFormatW
CreateSemaphoreW
FindFirstFileW
LocalAlloc
GetSystemInfo
LoadLibraryExA
GetCommProperties
CreateWaitableTimerW
CreateMutexA
GetCPInfoExA
LocalSize
DosDateTimeToFileTime
ExpandEnvironmentStringsW
LocalFree
LoadLibraryA
GetSystemTimeAsFileTime
GetLocaleInfoA
SetEndOfFile
GetPrivateProfileIntA
WaitForSingleObject
WaitForSingleObjectEx
GetComputerNameExW
GetProcessHeap
FindResourceA
GetTickCount
GetTempPathA

comctl32

ImageList_SetIconSize
InitCommonControlsEx
ImageList_ReplaceIcon
CreateToolbarEx
ImageList_Read
ImageList_LoadImageW
ImageList_Write
ImageList_GetIcon
ImageList_GetIconSize
PropertySheetA

crypt32

CertFreeCertificateContext
CertCloseStore
CryptHashPublicKeyInfo
CryptProtectData
CertFindCertificateInStore
CertOpenStore

gdi32

SetViewportOrgEx
SetPixel
DeleteDC
CreateCompatibleDC
CreateFontW
GetObjectW
GetFontData
CreateSolidBrush
GetObjectA
CreateDiscardableBitmap
CreatePatternBrush
UpdateColors
StartPage
CreatePalette
FillRgn
CreateFontIndirectA
DescribePixelFormat
StretchDIBits
GetMetaFileA

msvcrt

strcpy
perror
strcspn
fputws
puts
wcstol
strrchr
memcpy
free
memset

winspool.drv

DeviceCapabilitiesA

Exports

Exports

_GcNms_ejy_jwjc@16
_GvVsx_pfpKc_jysh@12
_PaQj_nlyM_vdb_xh@12
_Format_SysMessages@8
_ReCalc_Used_Data@12

Sections

.code
Size: 512B - Virtual size: 283KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 746B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0247c0fea7d0fb9aa4719a377e02bfb9

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

comctl32

crypt32

gdi32

msvcrt

winspool.drv

Exports

Exports

Sections

.code Size: 512B - Virtual size: 283KB

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 7KB - Virtual size: 7KB

.rsrc Size: 250KB - Virtual size: 250KB

.reloc Size: 1024B - Virtual size: 746B

.code
Size: 512B - Virtual size: 283KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 250KB - Virtual size: 250KB

.reloc
Size: 1024B - Virtual size: 746B