f86835702bb271510aed2db29cc134cc

Sharing

Copy URL Twitter E-mail

General

Target

f86835702bb271510aed2db29cc134cc
Size

89KB
MD5

f86835702bb271510aed2db29cc134cc
SHA1

1fd0fa6b2fb8fdc682d94d3bb116752e169e087c
SHA256

53951bc9f07662de70599f543c3bdd658b7da00fe3234eb5544283a35aabd30b
SHA512

908ef0c261e67cefd46fad36c804bc5fc9b85aa55dc99b6d2a76beab058e6a7e4a99e1190ffdcdf73b93eb0ad4a9472b73015ede136bedfff1fcc066b2269d68
SSDEEP

1536:4jP4hb9ihBNjjtY0JSmkvO86HYXwcO2zDLBMeL2FL:47aiB7JSmWOD4X/OqBJL2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f86835702bb271510aed2db29cc134cc

Files

f86835702bb271510aed2db29cc134cc
.exe windows:4 windows x86 arch:x86

5ab1b30338c6aa89cf73ded05f7f2323

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetWindowPos
GetSysColor
GetSysColorBrush
GetSubMenu
EqualRect
UnhookWindowsHookEx
SetWindowTextA
GetScrollPos
PostQuitMessage
EnumWindows
GetMessageA
EnableMenuItem
FrameRect

kernel32

GetFileAttributesA
InterlockedExchange
GetThreadLocale
FileTimeToSystemTime
GetStartupInfoA
ExitProcess
GetSystemTime
SetUnhandledExceptionFilter
GetOEMCP
GetTickCount
RtlUnwind
GetTempPathA
GetTimeZoneInformation
VirtualAllocEx
GetCurrentProcessId

gdi32

ExcludeClipRect
SetViewportExtEx
DPtoLP
CreateICW
CreateCompatibleBitmap
SelectClipPath
GetMapMode
FillRgn
CopyEnhMetaFileA

ole32

StgOpenStorage
DoDragDrop
CoCreateInstance
CoInitializeSecurity
CoTaskMemRealloc
StringFromGUID2
CoInitialize
CoRevokeClassObject
OleRun

advapi32

GetUserNameA
RegCreateKeyA
RegQueryValueExW
GetSecurityDescriptorDacl
AdjustTokenPrivileges
CheckTokenMembership
RegCreateKeyExW
QueryServiceStatus
CryptHashData
FreeSid

msvcrt

strcspn
raise
puts
fprintf
__getmainargs
signal
_mbscmp
iswspace
_flsbuf
strlen
__setusermatherr
fflush
strncpy
__initenv
_lock
_fdopen
_CIpow
_strdup

comctl32

ImageList_DragEnter
ImageList_LoadImageW
ImageList_GetIcon
ImageList_ReplaceIcon
InitCommonControls
ImageList_Write
ImageList_Destroy
ImageList_GetIconSize
ImageList_GetBkColor
CreatePropertySheetPageA
ImageList_DrawEx
ImageList_LoadImageA
ImageList_SetIconSize

shell32

ShellExecuteEx
ExtractIconExW
DoEnvironmentSubstW
DragAcceptFiles
ShellExecuteW
DragQueryFileW
CommandLineToArgvW
SHBrowseForFolderA
ExtractIconW
DragQueryFileA
SHGetPathFromIDList

oleaut32

VariantCopy
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayGetUBound
SafeArrayCreate
SysReAllocStringLen

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5ab1b30338c6aa89cf73ded05f7f2323

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 37KB - Virtual size: 37KB

.data Size: 45KB - Virtual size: 44KB

.rsrc Size: 6KB - Virtual size: 80KB

.text
Size: 37KB - Virtual size: 37KB

.data
Size: 45KB - Virtual size: 44KB

.rsrc
Size: 6KB - Virtual size: 80KB