fa14001a4831690212369a7eb08313fd

Sharing

Copy URL

Twitter E-mail

General

Target

fa14001a4831690212369a7eb08313fd
Size

129KB
MD5

fa14001a4831690212369a7eb08313fd
SHA1

6daae31c8e928e69e972044635cf2f1050f2c27d
SHA256

c034942872b605c9f627d8542188f25847787bb038ff5c02af93332571dfadae
SHA512

3005ba4a4977d47c138a2e8e838a8e49948d7c9b6dbd9f4df18ceed7f76350e08ea8b422245fbe9bac56fd06415c337737cdc7af74d74803891fcb8e7a463ba6
SSDEEP

1536:ivh3ENj5SptIPIzbHVNefu+H9qnrV2fEI6k+K9KqbRanzov7FL+DkzEdZcT57J5m:uh3PLvVNau+H9qnrmJgnM4k02TJfi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa14001a4831690212369a7eb08313fd

Files

fa14001a4831690212369a7eb08313fd
.exe windows:4 windows x86 arch:x86

299f19685b3b54c64cf24388787a4467

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Draw
ImageList_Create
ImageList_Destroy
ImageList_Add
ImageList_Remove
ImageList_DrawEx

ole32

CoCreateInstanceEx
PropVariantClear
OleRun
GetHGlobalFromStream
CreateStreamOnHGlobal
WriteClassStm
CoUninitialize
CoDisconnectObject
OleRegGetUserType
StringFromIID

comdlg32

GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
FindTextA

kernel32

GetModuleHandleA
GetACP
VirtualAllocEx
LocalFree
LocalReAlloc
LocalAlloc
LoadLibraryA
ExitProcess

oleaut32

SysStringLen
GetErrorInfo
SysAllocStringLen
SafeArrayGetElement
SysReAllocStringLen
SafeArrayCreate
SysFreeString

shell32

Shell_NotifyIconW

advapi32

RegOpenKeyExA
RegEnumKeyExA

user32

DrawIconEx
IsWindowEnabled
InflateRect
IsWindow
DrawMenuBar
ActivateKeyboardLayout
GetCapture
IsRectEmpty
RegisterWindowMessageA
GetIconInfo
EnumChildWindows
IsIconic
SetPropA
MessageBeep
LoadBitmapA
EnableMenuItem
GetLastActivePopup
GetFocus
CharNextA
GetDC
IntersectRect
OffsetRect
GetDCEx
DestroyCursor
MapVirtualKeyA
GetScrollRange
SetMenuItemInfoA
GetActiveWindow
IsWindowUnicode
PtInRect
RegisterClassA
GetKeyboardState
RegisterClipboardFormatA
GetSysColor
DrawIcon
IsCharUpperA
OpenClipboard
IsWindowVisible
GetMenuState
GetSystemMetrics
SetClipboardData
DispatchMessageA
RemoveMenu
CallNextHookEx
CharToOemA
UpdateWindow
GetKeyboardType
SendMessageW
GetMenuItemInfoA
PeekMessageW
ReleaseDC
GetClassNameA
SetWindowPos
SetForegroundWindow
DefWindowProcA
SendMessageA
ShowWindow
GetWindow
SetWindowPlacement
SetTimer
GetMenu
GetClassLongA
ShowScrollBar
GetMenuItemID
LoadCursorA
FrameRect
SetFocus
DispatchMessageW
DrawEdge
MsgWaitForMultipleObjects
EndDialog
GetSubMenu
GetDesktopWindow
TranslateMDISysAccel
GetKeyboardLayoutNameA
InsertMenuItemA
SetRect
IsCharLowerA
EndPaint
DestroyIcon
GetPropA
SetWindowsHookExA
GetCursor
GetKeyboardLayout
DestroyMenu
IsDialogMessageA
SetClassLongA
KillTimer
GetKeyState
LoadKeyboardLayoutA
GetForegroundWindow

version

VerInstallFileA

gdi32

GetTextColor

Exports

Exports

_jwrztzKmcERxE@20

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

299f19685b3b54c64cf24388787a4467

Headers

File Characteristics

Imports

comctl32

ole32

comdlg32

kernel32

oleaut32

shell32

advapi32

user32

version

gdi32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 107KB - Virtual size: 239KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 107KB - Virtual size: 239KB

.rsrc
Size: 5KB - Virtual size: 4KB