024254a0ab22727f4e4a49cac7cdfc98

Sharing

Copy URL Twitter E-mail

General

Target

024254a0ab22727f4e4a49cac7cdfc98
Size

193KB
MD5

024254a0ab22727f4e4a49cac7cdfc98
SHA1

aa9280d270d338ae551cbc1a835cd0f975225c64
SHA256

c64fee037ff5a1bc0a866c2752929fa8a7b31e2d65d8220913dcb62497461b1e
SHA512

86d46972fda80e0ba77c75cec4dc481a755bad08fa8a4920eb5608018bbe212f6ded0aec4cec8f22a04d8893c2ba9684bd559e10e694454de128c646c461cca6
SSDEEP

6144:EVbfrNiqUbgvGsHPyNon/wpBzEUFJPQQ5I:EbzN16gvGMV/wBBFuQ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
024254a0ab22727f4e4a49cac7cdfc98

Files

024254a0ab22727f4e4a49cac7cdfc98
.exe windows:4 windows x86 arch:x86

f944c9649702d79deb2143015b572193

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA
RegQueryValueA
RegEnumKeyExA

gdi32

CreateDIBitmap
CreateCompatibleBitmap
CreateBitmap
GetPaletteEntries
GetCurrentPositionEx
CopyEnhMetaFileA
CreatePenIndirect
CreatePalette
CreateCompatibleBitmap
CreateFontIndirectA
GetRgnBox
CopyEnhMetaFileA
SelectObject
CreateCompatibleDC
SetTextColor
GetObjectA
GetDIBits
GetPaletteEntries
CreateBrushIndirect
CreateBitmap
LineTo
CreatePenIndirect

comdlg32

FindTextA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
GetSaveFileNameA
ChooseColorA
FindTextA
GetFileTitleA
FindTextA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

ole32

PropVariantClear
CoGetObjectContext
StgOpenStorage
CoGetMalloc
ReleaseStgMedium
CoFreeUnusedLibraries
OleCreateStaticFromData
CoRegisterClassObject
GetHGlobalFromStream
OleRun
CLSIDFromString

oleaut32

SafeArrayUnaccessData
SafeArrayCreate
SysStringLen
SysFreeString
SysAllocStringLen
VariantCopyInd
GetErrorInfo
SysReAllocStringLen
SafeArrayGetElement
VariantChangeType

user32

GetDesktopWindow
CheckMenuItem
KillTimer
SetWindowLongW
IsChild

kernel32

HeapFree
GetFileType
VirtualAlloc
GetLastError
GetCommandLineA
LoadLibraryA
GlobalAlloc
GetModuleHandleW
GetModuleHandleA
IsBadReadPtr
GetCommandLineW
ExitProcess
GetProcAddress
ExitThread
VirtualAllocEx

shlwapi

SHQueryValueExA
SHDeleteKeyA
SHSetValueA
PathGetCharTypeA
SHQueryInfoKeyA
PathFileExistsA
SHGetValueA
SHDeleteValueA
SHStrDupA
PathIsContentTypeA

shell32

SHGetFolderPathA
SHGetDesktopFolder
SHFileOperationA
Shell_NotifyIconA

msvcrt

swprintf
log
pow
sin
memset
wcschr
exp
sqrt

comctl32

ImageList_GetBkColor
ImageList_Remove
ImageList_DragShowNolock
ImageList_Write
ImageList_Read
ImageList_DrawEx
ImageList_Destroy

version

VerFindFileA

Sections

CODE
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data9
Size: 1024B - Virtual size: 769B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f944c9649702d79deb2143015b572193

Headers

File Characteristics

Imports

advapi32

gdi32

comdlg32

ole32

oleaut32

user32

kernel32

shlwapi

shell32

msvcrt

comctl32

version

Sections

CODE Size: 46KB - Virtual size: 45KB

.data Size: 1024B - Virtual size: 32KB

.data3 Size: 1KB - Virtual size: 1KB

.data9 Size: 1024B - Virtual size: 769B

.data5 Size: 135KB - Virtual size: 134KB

.data1 Size: 5KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

CODE
Size: 46KB - Virtual size: 45KB

.data
Size: 1024B - Virtual size: 32KB

.data3
Size: 1KB - Virtual size: 1KB

.data9
Size: 1024B - Virtual size: 769B

.data5
Size: 135KB - Virtual size: 134KB

.data1
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB