0158f13939d86c0aec4128022079f214

Sharing

Copy URL Twitter E-mail

General

Target

0158f13939d86c0aec4128022079f214
Size

517KB
MD5

0158f13939d86c0aec4128022079f214
SHA1

037860ce88eeab7abf8c8465f73222f1ab6d4cda
SHA256

bf13cb28bf9acb33b1c83a94e39066ae8a1a7802d73e2c8d5962e25025701877
SHA512

02231326f9d27d457cc226e09633a1b3e1225c7984d38e445428d55a66a2b7b0d90650b01432bb0c0061d63e655d1e5676803154dd2935ab5ecf11050298fece
SSDEEP

12288:cWb6tlYRdVP5AMb3zKYXvF9YyAGtwAGmohX3AxdZ:cNtlelTb3zKEF9ehnA3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0158f13939d86c0aec4128022079f214

Files

0158f13939d86c0aec4128022079f214
.exe windows:4 windows x86 arch:x86

7053b0727f4d23b2857bd20f53344ea4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

CreateIconFromResource
GetMenuItemID
RegisterClassExW
SendInput
EditWndProc
RegisterClassA
EnumClipboardFormats
RegisterClassExA
SendNotifyMessageW

kernel32

FindClose
MultiByteToWideChar
GetModuleHandleA
GetStringTypeA
EnterCriticalSection
GetSystemTimeAsFileTime
SetStdHandle
OpenMutexA
GetSystemTime
HeapAlloc
LoadLibraryA
RtlUnwind
TlsAlloc
FindResourceExW
SetLastError
GetVersion
GetFileAttributesW
LCMapStringA
EnumSystemLocalesA
HeapFree
CreateSemaphoreA
GetStringTypeW
TlsSetValue
CreateMutexA
LockFileEx
GetSystemDirectoryA
InitializeCriticalSection
FreeEnvironmentStringsW
VirtualAlloc
HeapReAlloc
InterlockedDecrement
FreeEnvironmentStringsA
SetHandleCount
HeapLock
TlsGetValue
GetFileType
GetEnvironmentStrings
GetTimeFormatW
CopyFileA
VirtualFree
GetCurrentProcess
WideCharToMultiByte
OpenEventA
GetStdHandle
LocalCompact
CloseHandle
MoveFileW
LCMapStringW
TerminateProcess
LocalFlags
GetWindowsDirectoryW
WriteFile
GetCPInfo
ExitProcess
CompareStringW
IsBadWritePtr
TlsFree
UnhandledExceptionFilter
GetCurrentThread
InterlockedIncrement
GetProcessHeaps
SetFilePointer
SetEnvironmentVariableA
GetEnvironmentStringsW
LeaveCriticalSection
GetCommandLineA
GetLastError
GetCommandLineW
SystemTimeToFileTime
QueryPerformanceCounter
GetStartupInfoW
GetModuleFileNameA
HeapCreate
GetLocalTime
GetModuleFileNameW
CompareStringA
GetTimeZoneInformation
InterlockedExchange
GetProcAddress
GetLogicalDrives
GetCurrentProcessId
GetCurrentThreadId
FlushFileBuffers
EnumResourceTypesW
SetWaitableTimer
ReadFile
VirtualQuery
DeleteCriticalSection
GetProcAddress
GetStartupInfoA
HeapDestroy
GetTickCount

advapi32

RegLoadKeyW

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7053b0727f4d23b2857bd20f53344ea4

Headers

File Characteristics

Imports

comctl32

user32

kernel32

advapi32

Sections

.text Size: 186KB - Virtual size: 186KB

.rdata Size: 4KB - Virtual size: 9KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 186KB - Virtual size: 186KB

.rdata
Size: 4KB - Virtual size: 9KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 11KB - Virtual size: 10KB