015625f5eb5eb1060f742f8d6a37bc3c

Sharing

Copy URL Twitter E-mail

General

Target

015625f5eb5eb1060f742f8d6a37bc3c
Size

535KB
MD5

015625f5eb5eb1060f742f8d6a37bc3c
SHA1

a8fd845ae70a44613f04488cd7d8650bd696ef1f
SHA256

95fe1929b03c78d957e24b344d035d3c5d58ff9c4724ade044ca9ea10bec89e2
SHA512

f55a2c1af6d9447651ea580fe32ddf26767d07da17c0e8ad05eace71dad50a103b3131838209f4ae5cc7605973af598b6061fb6deb7ca85894a7a7749b997900
SSDEEP

12288:PqrvzcVN97wffrOxW07ghS2933uF7NQ4sEqV8XBHfM:OyNpwffrQUhSMuF7NQD7VO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
015625f5eb5eb1060f742f8d6a37bc3c

Files

015625f5eb5eb1060f742f8d6a37bc3c
.exe windows:4 windows x86 arch:x86

bc19f3a175c6348e6c0fbc4b0fcc741a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
VirtualProtect
IsBadWritePtr
SetWaitableTimer
GetModuleHandleA
HeapDestroy
GetCurrentThread
OpenMutexA
VirtualFree
SetConsoleCursorPosition
GetStartupInfoA
TlsAlloc
VirtualAlloc
SetStdHandle
WideCharToMultiByte
EnterCriticalSection
GetVersionExA
GetLocaleInfoW
MultiByteToWideChar
lstrcpynA
SetHandleCount
LCMapStringA
QueryPerformanceCounter
FreeEnvironmentStringsW
SetEndOfFile
SetLastError
DuplicateHandle
GetOEMCP
CreatePipe
IsValidLocale
GetUserDefaultLCID
GetEnvironmentStringsW
CompareStringW
RtlUnwind
DeleteCriticalSection
CloseHandle
GetCurrentThreadId
UnhandledExceptionFilter
InterlockedExchange
DeleteFileW
EnumSystemLocalesA
LoadLibraryA
GetStdHandle
GetCPInfo
GetTimeZoneInformation
HeapReAlloc
VirtualQuery
TerminateProcess
GetLocaleInfoA
ReadFile
FlushFileBuffers
LockResource
GetTickCount
GetAtomNameA
GetCommandLineA
GetConsoleScreenBufferInfo
GetStringTypeW
GetFileType
GetShortPathNameA
GetModuleFileNameW
GetCurrentProcess
CompareStringA
GetACP
HeapAlloc
ExitProcess
LeaveCriticalSection
GetConsoleOutputCP
GetLastError
WriteFile
SetEnvironmentVariableA
SetFilePointer
IsValidCodePage
GetModuleFileNameA
GetStringTypeA
FreeEnvironmentStringsA
TlsSetValue
GetCommandLineW
HeapCreate
LCMapStringW
TlsFree
GetEnvironmentStrings
HeapSize
GetDateFormatA
GetSystemInfo
CreateMutexA
HeapFree
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeCriticalSection
GetProcAddress
GetTimeFormatA
TlsGetValue

comctl32

CreatePropertySheetPageA
ImageList_GetImageInfo
ImageList_Remove
InitCommonControlsEx
DrawInsert
ImageList_AddIcon
ImageList_DragLeave
ImageList_GetFlags

user32

DdeQueryNextServer
CreateCursor
CreateMenu
OemKeyScan
LoadMenuIndirectA
GetInputState
EndTask
GetMenuItemInfoW
DrawIconEx
GetWindowLongA
ModifyMenuW
IsWindow
CreateWindowExW
EnumPropsExW
MessageBoxW
UnhookWindowsHookEx
SetPropW
EnumDisplayDevicesA
DefWindowProcW
RegisterClassA
ShowWindow
DdeInitializeW
GetMenuItemCount
DestroyWindow
DdeCmpStringHandles
RegisterClassExA
IsIconic
CreateIconIndirect

Sections

.text
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 212KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc19f3a175c6348e6c0fbc4b0fcc741a

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 205KB - Virtual size: 204KB

.rdata Size: 212KB - Virtual size: 233KB

.data Size: 110KB - Virtual size: 110KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 205KB - Virtual size: 204KB

.rdata
Size: 212KB - Virtual size: 233KB

.data
Size: 110KB - Virtual size: 110KB

.rsrc
Size: 7KB - Virtual size: 6KB