f80d440086400ffbf923747746f9ef9e

Sharing

Copy URL

Twitter E-mail

General

Target

f80d440086400ffbf923747746f9ef9e
Size

161KB
MD5

f80d440086400ffbf923747746f9ef9e
SHA1

3f5bd54695bf2fbd441c3d26ca2c10e60bd4608a
SHA256

774a477d790f8396427991428dac69252732b5613b48ef5c2d008308d2ff1861
SHA512

998aa9b788be2f257a62f1e4099264b1f16c4e3317eed58040f3fc88a347e05e39f5bff7332b1d6e120581b2b46ca60d4e497552c37bb16ff4dceecfc2ad7661
SSDEEP

3072:m1XFTOoT7VXI0o/h2ztGxXwX1XMcElNzuBe4dko4LoDqj:0FTOM2J2IrNi96o7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f80d440086400ffbf923747746f9ef9e

Files

f80d440086400ffbf923747746f9ef9e
.exe windows:4 windows x86 arch:x86

57327d369b8a5563df0de4be39b0a70f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Draw
ImageList_Destroy
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Create
ImageList_Read
ImageList_Remove

shlwapi

PathFileExistsA
SHQueryValueExA
SHStrDupA
PathGetCharTypeA
SHDeleteValueA

gdi32

CreatePalette
CreateFontIndirectA
CreateBrushIndirect
GetPixel

kernel32

VirtualFree
RaiseException
ExitProcess
CreateEventA
InitializeCriticalSection
GetACP
GetProcAddress
LocalAlloc
GetFileAttributesA
CloseHandle
lstrcpyA
GetVersionExA
WriteFile
ExitThread
LoadLibraryA
lstrcpynA
SetLastError
FindFirstFileA
SetThreadLocale
GetStartupInfoA
LoadLibraryExA
GlobalDeleteAtom
GetCommandLineA
SizeofResource
GetDiskFreeSpaceA
LoadResource
lstrcmpA
GetDateFormatA
VirtualQuery
WaitForSingleObject
GetCurrentProcess
EnterCriticalSection
GetCurrentThreadId
FreeResource
VirtualAlloc
CreateFileA
GetOEMCP
VirtualAllocEx
GetModuleFileNameA
MoveFileA
GetFullPathNameA
GetModuleHandleA
SetFilePointer
GetFileSize
lstrcmpiA
HeapAlloc
GetProcessHeap
Sleep
SetEvent
GetVersion
DeleteCriticalSection
SetErrorMode
SetEndOfFile
lstrlenA
HeapFree
MulDiv
WideCharToMultiByte
GetTickCount
GetCurrentProcessId
GetStringTypeA
HeapDestroy
GetCurrentThread

comdlg32

GetSaveFileNameA

user32

GetScrollPos
HideCaret
GetMenuItemInfoA
CharToOemA
GetWindowTextA
GetSysColor
GetMenuItemID
SetWindowPos
GetMenuState
EnableScrollBar
IsChild
GetCursorPos
GetPropA
GetWindow
GetSubMenu
GetScrollRange
DispatchMessageA
GetCursor
GetKeyState
GetSysColorBrush
GetParent
GetClipboardData
ShowWindow
GetMessagePos
FrameRect
GetMenuItemCount
BeginDeferWindowPos
IsWindowVisible
IsWindowEnabled
GetMenuStringA
DispatchMessageW
SystemParametersInfoA
FillRect
GetScrollInfo

msvcrt

malloc
strncmp
memcpy
atan
memmove
calloc

Sections

CODE
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 122KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57327d369b8a5563df0de4be39b0a70f

Headers

File Characteristics

Imports

comctl32

shlwapi

gdi32

kernel32

comdlg32

user32

msvcrt

Sections

CODE Size: 37KB - Virtual size: 37KB

.idata Size: 122KB - Virtual size: 189KB

.edata Size: 512B - Virtual size: 508B

CODE
Size: 37KB - Virtual size: 37KB

.idata
Size: 122KB - Virtual size: 189KB

.edata
Size: 512B - Virtual size: 508B