073118991fc5f44cebf673ff9d2b7b05

Sharing

Copy URL Twitter E-mail

General

Target

073118991fc5f44cebf673ff9d2b7b05
Size

346KB
MD5

073118991fc5f44cebf673ff9d2b7b05
SHA1

58a5ed32e0a448aab8490673f3823047d6204f6d
SHA256

e98738b38d7e0d248451e7a74d86baba54f00fca30d4bb4297dab07c0c394380
SHA512

fc3617cb9f4293e87d94fdda50ec028c05b0956ceab45ea396b90e919b6d30416410486f26abe41fbf1dee9455107febe7402a3a780b8ec67d9fe9e5c8506085
SSDEEP

6144:8BmeoTYyhDtPJMkAxIlzvP1F5/vcIQlAwbdXKqb61:WmVTYKD35AxIlzX1r/vcPlZxaqbY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
073118991fc5f44cebf673ff9d2b7b05

Files

073118991fc5f44cebf673ff9d2b7b05
.exe windows:4 windows x86 arch:x86

8e4985f726e8f832e3dc6140f72625b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetLastActivePopup
GetWindowTextLengthA
SetParent
CreateDialogParamA
GetMessageTime
PostThreadMessageA
GetQueueStatus
SetWindowPos

ole32

CoRevokeMallocSpy
CoFileTimeNow
CoGetStdMarshalEx
OleIsCurrentClipboard
CoTaskMemRealloc
CoFreeUnusedLibraries
OleRegGetMiscStatus
StringFromGUID2
CoMarshalHresult
CoFreeLibrary

oledlg

ord7
ord1
ord3
ord11
ord2
ord9
ord4
ord12
ord6

comctl32

ord2
UninitializeFlatSB
CreateStatusWindowW
PropertySheetW
CreatePropertySheetPageA

advapi32

RegEnumKeyExA
RegQueryValueExA
RegQueryValueA
RegConnectRegistryA
RegOpenKeyExA

urlmon

CreateAsyncBindCtx

shlwapi

StrStrA
StrRChrIW
StrCmpNA
StrCSpnA
StrChrIW

kernel32

GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
GetOEMCP
VirtualFree
HeapCreate
HeapDestroy
GetLastError
TlsGetValue
SetLastError
TlsAlloc
HeapAlloc
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapFree
GetModuleHandleA
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetProcAddress
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

avuz
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

trdilc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e4985f726e8f832e3dc6140f72625b7

Headers

File Characteristics

Imports

user32

ole32

oledlg

comctl32

advapi32

urlmon

shlwapi

kernel32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 93KB

avuz Size: 276KB - Virtual size: 275KB

trdilc Size: 118KB - Virtual size: 117KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 93KB

avuz
Size: 276KB - Virtual size: 275KB

trdilc
Size: 118KB - Virtual size: 117KB

.rsrc
Size: 5KB - Virtual size: 5KB