031eb7a29356b89cfd382d6667d90ac1

Sharing

Copy URL Twitter E-mail

General

Target

031eb7a29356b89cfd382d6667d90ac1
Size

184KB
MD5

031eb7a29356b89cfd382d6667d90ac1
SHA1

63eeffb78573d267b19cbc84d06c6bc45c534cdf
SHA256

e10310802cefe8332b9bd31999944e56276e544070e366aa21d885d1a78d1867
SHA512

59f58b71012590f5b3b7062d18d47136fde97cf25aa77a3b0c67d3abb43d4678f2559248b5061b357c2f3d6233f22bfb327dfc19fc5c10e3755bc72898f34236
SSDEEP

3072:kaQv7wYr9am72jBlev8atmH3xjaRzkQqQD5paT0fbkke0MdbGr:sv7wYr9a+ce8IIuVcT0fte0Mdb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
031eb7a29356b89cfd382d6667d90ac1

Files

031eb7a29356b89cfd382d6667d90ac1
.exe windows:4 windows x86 arch:x86

2468f3487cbf58944bbcdc42474e67ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

gdi32

CreateDIBitmap
SetStretchBltMode
SelectPalette
SelectObject
CreateCompatibleDC
ExtEscape
StretchDIBits
GetDeviceCaps
GetStockObject
GetDIBits
DeleteDC
CreateSolidBrush
GetObjectA
BitBlt
CreateCompatibleBitmap
RealizePalette
CreateFontA
DeleteObject
CreateDIBSection
SetBkMode

kernel32

CreateFileW
GetShortPathNameW
GlobalFree
ReadFile
GetFileSize
LocalFree
Sleep
GetProcessAffinityMask
SetFilePointer
CreateFileA
GlobalAlloc
MapViewOfFile
EnumResourceTypesA
GetTickCount
GetFileAttributesA
GlobalSize
WriteFile
WideCharToMultiByte
LocalAlloc
CreateFileMappingA
DisableThreadLibraryCalls
UnmapViewOfFile
CloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

gdiplus

GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipFree
GdipAlloc
GdipCreateBitmapFromFile
GdipDisposeImage
GdipCloneImage

ole32

CLSIDFromProgID
CoTaskMemRealloc
CreateStreamOnHGlobal
StgIsStorageFile
CreateItemMoniker
OleLockRunning
CoSetProxyBlanket
StgOpenStorage
CoGetClassObject
CoInitialize
OleUninitialize
CoInitializeSecurity
BindMoniker
CoUninitialize
CoTaskMemFree
CreateBindCtx
GetRunningObjectTable
StringFromGUID2
StgCreateDocfile
OleInitialize
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString

user32

IsChild
DestroyAcceleratorTable
FindWindowA
ReleaseCapture
wsprintfA
GetDesktopWindow
GetClassNameA
CreateWindowExA
SetParent
ReleaseDC
FillRect
SetTimer
GetWindowTextLengthA
GetDlgItem
MoveWindow
PostThreadMessageA
DestroyWindow
EndPaint
GetWindowLongA
InvalidateRgn
EnumDisplayDevicesA
SetFocus
DefWindowProcA
PeekMessageA
CallWindowProcA
GetClientRect
KillTimer
SetCapture
GetActiveWindow
SendMessageTimeoutA
MsgWaitForMultipleObjects
SendMessageA
EqualRect
ShowWindow
SetRect
CreateAcceleratorTableA
GetDC
GetParent
GetFocus
RegisterWindowMessageA
CharNextA
GetClassInfoExA
GetQueueStatus
IsWindow
CreateDialogParamA
SendNotifyMessageA
GetWindow
wvsprintfA
RedrawWindow
BeginPaint
GetWindowRect
UnregisterClassA
SetWindowLongA
LoadCursorA
PostMessageA
GetWindowTextA
GetSysColor
RegisterClassExA
DrawTextA
DispatchMessageA
InvalidateRect
SetWindowTextA
CopyRect
SetWindowPos

advapi32

CryptImportKey
RegEnumValueA
CryptReleaseContext
CryptHashData
CryptGetHashParam
RegDeleteValueA
CryptAcquireContextA
RegOpenKeyExA
RegCreateKeyExA
CryptDestroyHash
RegQueryValueExA
CryptCreateHash
RegQueryInfoKeyA
CryptDestroyKey
RegEnumKeyExA
RegCloseKey
RegSetValueExA
CryptEncrypt
RegDeleteKeyA

winmm

timeGetTime
timeSetEvent

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

shlwapi

PathFileExistsW
PathCombineW

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2468f3487cbf58944bbcdc42474e67ac

Headers

File Characteristics

Imports

setupapi

gdi32

kernel32

shell32

gdiplus

ole32

user32

advapi32

winmm

wininet

shlwapi

version

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 76KB - Virtual size: 76KB

.tls Size: 1024B - Virtual size: 364KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 76KB - Virtual size: 76KB

.tls
Size: 1024B - Virtual size: 364KB