04a04b099ebe0fc8041055c2c7fd8c42

Sharing

Copy URL

Twitter E-mail

General

Target

04a04b099ebe0fc8041055c2c7fd8c42
Size

105KB
MD5

04a04b099ebe0fc8041055c2c7fd8c42
SHA1

4ae00c6215c961dbb0d09bbb6958a3185b3d40e1
SHA256

b781965da959c4d73f83825fadb900d56f1732a0a23704c71faa1bef2464bfb0
SHA512

e6de92e9ce68ccc6451649d2cf8f34048f89389eb60a3bb76e9a420b17684fe5bcb73326a6d30cca54dd325e76b393846d3c44cfb0d0bb0a2b6c513cb90c7d91
SSDEEP

3072:k0W7cRqnq4xl0WYt3S73fNuYzyU8J5BrWx:CouqFA1uOZ8J5A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04a04b099ebe0fc8041055c2c7fd8c42

Files

04a04b099ebe0fc8041055c2c7fd8c42
.exe windows:4 windows x86 arch:x86

5a4088dc91bf98f1420a1836666fd792

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DeferWindowPos
GetIconInfo
CreatePopupMenu
GetCursor
CharNextA
GetWindowTextA
DrawIconEx
GetScrollPos
SetWindowPos
EnableWindow
GetWindow
CreateMenu
SetWindowTextA
GetDesktopWindow
GetForegroundWindow
GetKeyNameTextA
GetParent
GetSysColor
GetKeyState
GetScrollRange
GetMenuState
CreateIcon
GetClientRect
GetSubMenu
GetMenuStringA
DispatchMessageW
DispatchMessageA
GetMenuItemInfoA
DrawTextA
IsChild
GetDC
EqualRect
CharLowerA
EnumThreadWindows
IsWindowVisible
DrawFrameControl
GetMenu
ClientToScreen
CallNextHookEx
GetActiveWindow
FindWindowA
CreateIcon
GetClassLongA
GetMenuItemInfoA
RegisterClassA
GetMenuStringA
CharLowerBuffA
CreateMenu
EnableWindow
GetMenuItemID
CallNextHookEx
GetCursorPos
GetLastActivePopup
EqualRect
GetClientRect
GetClassInfoA
GetWindowTextA
MessageBoxA
GetSysColorBrush
CallWindowProcA
DispatchMessageW
GetMenuState
GetActiveWindow
GetSubMenu
ShowScrollBar
SetWindowTextA
GetMenuItemCount
GetScrollRange
DrawMenuBar
IsChild
SetWindowPos
GetKeyNameTextA
DefWindowProcA
GetScrollPos
GetScrollInfo
DrawEdge
IsDialogMessageA
GetMessagePos
EndDeferWindowPos
EnableScrollBar
DefFrameProcA
SetWindowLongA
DispatchMessageA
DefMDIChildProcA
GetFocus
EnumWindows
CharToOemA
SetTimer
GetCursor
ShowWindow
TrackPopupMenu
IsMenu
FrameRect
DrawFrameControl
GetDlgItem

gdi32

BitBlt
GetClipBox
SelectPalette
CopyEnhMetaFileA
GetCurrentPositionEx
SetBkColor
GetObjectA
GetDIBits
CreateBitmap
GetClipBox
GetPixel
CreateBrushIndirect
SelectPalette
GetBitmapBits
CreateCompatibleDC
CreateFontIndirectA
CreateCompatibleBitmap

comctl32

ImageList_Remove
ImageList_GetBkColor
ImageList_Add
ImageList_Destroy
ImageList_Write
ImageList_Create
ImageList_Draw

kernel32

LocalReAlloc
LoadResource
GetCurrentThreadId
DeleteFileA
SetErrorMode
WaitForSingleObject
MoveFileA
VirtualAllocEx
GetEnvironmentStrings
VirtualQuery
GetFullPathNameA
CreateThread
EnterCriticalSection
GetStartupInfoA
FreeLibrary
GetStringTypeA
GetStdHandle
GlobalAddAtomA
SetFilePointer
GetDiskFreeSpaceA
GetCPInfo
SetHandleCount
lstrcmpiA
GetStringTypeW
LoadLibraryExA
FreeResource
VirtualFree
GetModuleFileNameA
GetTickCount
WideCharToMultiByte
GetThreadLocale
GlobalFindAtomA
RaiseException
GetVersionExA
CreateEventA
GetACP
GetVersion
GetCPInfo
GetEnvironmentStrings
SetFilePointer
GetModuleHandleA
GetModuleFileNameA
LockResource
LoadLibraryExA
HeapDestroy
GetStdHandle
GetDiskFreeSpaceA
LocalReAlloc
VirtualAllocEx
LocalFree
ExitProcess
GlobalFindAtomA
FindClose
LoadLibraryA
ExitThread
GetStringTypeW
GetCurrentThread
HeapFree
HeapAlloc
CompareStringA
GetVersionExA
GetFileAttributesA
Sleep
GetDateFormatA
FindFirstFileA
GetCurrentProcess
DeleteCriticalSection
GetCurrentProcessId
SetEvent
GetFullPathNameA
CreateEventA
SetHandleCount
SetThreadLocale
GetCommandLineA
VirtualAlloc
SizeofResource
CreateThread
InitializeCriticalSection
lstrcatA
lstrcmpiA
GetThreadLocale
GetTickCount
FreeLibrary
DeleteFileA
GetCurrentThreadId
GetStringTypeA
WriteFile
LoadResource
MoveFileA
GetProcAddress
lstrcpyA
GetProcessHeap
WideCharToMultiByte
MoveFileExA
lstrcpynA
EnumCalendarInfoA
lstrcmpA
EnterCriticalSection
GlobalAlloc
SetLastError
VirtualQuery
GlobalDeleteAtom

shlwapi

SHQueryValueExA
PathIsDirectoryA
SHStrDupA
SHQueryInfoKeyA
PathFileExistsA

advapi32

RegQueryValueExA
RegOpenKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
RegCreateKeyA
RegDeleteKeyA

msvcrt

strlen
wcscspn
strcmp
memcpy
calloc
sqrt
rand
memmove
sprintf
_acmdln
strncmp

oleaut32

OleLoadPicture
GetErrorInfo
SysFreeString
VariantChangeType
RegisterTypeLib

shell32

SHFileOperationA

ole32

OleCreateStaticFromData
CreateOleAdviseHolder
CoUnmarshalInterface
CoGetObjectContext
PropVariantClear
CreateStreamOnHGlobal
StringFromIID
ReleaseStgMedium
CoTaskMemFree

version

VerQueryValueA
VerFindFileA

comdlg32

GetOpenFileNameA
GetFileTitleA
ChooseColorA
FindTextA

ntdll

atoi
atol
NtWaitForSingleObject
RtlDeleteCriticalSection
wcscat

Sections

text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 694B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 512B - Virtual size: 278B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5a4088dc91bf98f1420a1836666fd792

Headers

File Characteristics

Imports

user32

gdi32

comctl32

kernel32

shlwapi

advapi32

msvcrt

oleaut32

shell32

ole32

version

comdlg32

ntdll

Sections

text Size: 50KB - Virtual size: 50KB

.idata Size: 44KB - Virtual size: 44KB

.data Size: 8KB - Virtual size: 7KB

.edata Size: 1024B - Virtual size: 694B

.init Size: 512B - Virtual size: 278B

text
Size: 50KB - Virtual size: 50KB

.idata
Size: 44KB - Virtual size: 44KB

.data
Size: 8KB - Virtual size: 7KB

.edata
Size: 1024B - Virtual size: 694B

.init
Size: 512B - Virtual size: 278B