0437a7cc1ebfdd1dd3f9e1370f9ac81c

Sharing

Copy URL Twitter E-mail

General

Target

0437a7cc1ebfdd1dd3f9e1370f9ac81c
Size

563KB
MD5

0437a7cc1ebfdd1dd3f9e1370f9ac81c
SHA1

6656d28abbaad5614e576c0ef025ef393e407857
SHA256

919484e436340fcf84737b7638c9e1f864ff223a9f4419afba11d9dbac4d2928
SHA512

428063580518d62e01c8a50f9950c9261143ee4f113547d74f908f2b52c4e9ae7d335eab5366bbaf6de6f3f1c9a626de2051e4c972c82301d513952c31dad497
SSDEEP

12288:CUOm21noHcCvmNZBQdrbiEeBDKL/dMw52jbJSUB6vyq:9h21noHcIkQdrGBI2nJMyq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0437a7cc1ebfdd1dd3f9e1370f9ac81c

Files

0437a7cc1ebfdd1dd3f9e1370f9ac81c
.exe windows:4 windows x86 arch:x86

8a77a33e534376c672b630da8b8dce14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

CountClipboardFormats
CascadeWindows
TrackPopupMenuEx
FindWindowW
SetDlgItemInt
MessageBoxW
ChangeMenuW
IsIconic
GetDoubleClickTime
GrayStringW
RegisterClassA
BringWindowToTop
ReleaseDC
ExcludeUpdateRgn
IsCharUpperW
RegisterClassExA

kernel32

GetStdHandle
LCMapStringA
SetFilePointer
CreateEventW
EnterCriticalSection
QueryPerformanceCounter
GetModuleFileNameW
GetCommandLineA
CompareStringA
GetSystemTime
CreateProcessA
GetStartupInfoA
GetACP
FreeLibraryAndExitThread
HeapSize
InitializeCriticalSection
VirtualQuery
InterlockedExchange
InterlockedDecrement
HeapDestroy
ReadFile
ContinueDebugEvent
GetStartupInfoW
HeapAlloc
TlsFree
GetShortPathNameA
LeaveCriticalSection
MultiByteToWideChar
GetCurrentThreadId
GetLastError
CreateMutexA
HeapFree
IsBadWritePtr
GetVersion
DeleteCriticalSection
ExitProcess
RtlUnwind
WideCharToMultiByte
GetUserDefaultLCID
TlsGetValue
LCMapStringW
GetLocalTime
GetFileType
HeapCreate
OpenMutexA
GetConsoleTitleA
GetEnvironmentStringsW
GetProcAddress
CloseHandle
FindResourceExA
InterlockedIncrement
GetStringTypeA
HeapReAlloc
LoadLibraryA
GetCommandLineW
SetHandleCount
GetTickCount
GetCurrentProcess
GetPrivateProfileSectionW
TerminateProcess
FlushFileBuffers
GetCPInfo
SetLastError
GetStringTypeW
CompareStringW
VirtualFree
VirtualAlloc
OpenWaitableTimerA
FreeEnvironmentStringsA
WriteFile
GetModuleFileNameA
GetEnvironmentStrings
GetCurrentProcessId
UnhandledExceptionFilter
GetModuleHandleA
DebugActiveProcess
SetEnvironmentVariableA
SetStdHandle
GetSystemTimeAsFileTime
TlsAlloc
TlsSetValue
FreeEnvironmentStringsW
GetCurrentThread
GetTimeZoneInformation
FormatMessageW
FindFirstFileW

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a77a33e534376c672b630da8b8dce14

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 237KB - Virtual size: 236KB

.rdata Size: 4KB - Virtual size: 22KB

.data Size: 316KB - Virtual size: 316KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 237KB - Virtual size: 236KB

.rdata
Size: 4KB - Virtual size: 22KB

.data
Size: 316KB - Virtual size: 316KB

.rsrc
Size: 5KB - Virtual size: 4KB