20dc80cbfae88c0b41658641d8b601c0

Sharing

Copy URL Twitter E-mail

General

Target

20dc80cbfae88c0b41658641d8b601c0
Size

149KB
MD5

20dc80cbfae88c0b41658641d8b601c0
SHA1

4de9a74eaa30bc4811f11bc2ebaa168a19bae677
SHA256

4a1e7bbe438e1b9173ee267e1cf2af460e26ccd065d0e8e83666dcd6047e00aa
SHA512

382c18b6f93df608a16fadd3c31277eee3c8abb232d9b64185b4d80bf8d7a0128d2be5033036bb177ddba8311caa52e7bc68d455b9d8212c7b4577767ea1b7e5
SSDEEP

3072:1eB/M0TONWkU14p6eYw/0gF0lrS/3tzLUdtaJDtZkUXA0qpK:108WGEzi4rSFUfqDIUX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20dc80cbfae88c0b41658641d8b601c0

Files

20dc80cbfae88c0b41658641d8b601c0
.exe windows:4 windows x86 arch:x86

2c82137813edf030754d0c9b35dfd7f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetDriveTypeA
GetCurrentProcess
CompareStringW
VirtualFree
VirtualProtect
GetStartupInfoA
GetVersion
GlobalHandle
DeleteFileW
CreateDirectoryA
TerminateProcess

user32

GetCapture
GetSysColor
InsertMenuA
InvalidateRect
KillTimer
GetDesktopWindow

msvcrt

log10
_ultoa
exit
calloc
_adjust_fdiv
__getmainargs
_XcptFilter
_except_handler3
_dup
strcmp
fwrite
__set_app_type
_initterm
__p__commode
__setusermatherr
_acmdln
_wfopen
_utime
_getpid
__p__fmode
_setjmp
wcsrchr

advapi32

RegEnumKeyExW
RevertToSelf
ControlService
RegEnumKeyW
GetUserNameA
RegDeleteValueA
RegEnumValueW
AddAccessAllowedAce
RegEnumKeyA

oleaut32

CreateErrorInfo
SafeArrayGetUBound
SysAllocStringByteLen
SafeArrayUnaccessData
VariantClear
SysAllocStringLen
GetErrorInfo
SafeArrayPtrOfIndex
SetErrorInfo
SafeArrayCreate
GetActiveObject

ole32

CoInitializeSecurity
CoFreeUnusedLibraries
CoRegisterClassObject
StringFromGUID2
CoSetProxyBlanket
IsAccelerator
ProgIDFromCLSID
CoRevokeClassObject
CoReleaseMarshalData
CoGetClassObject
StgOpenStorage

comctl32

ImageList_EndDrag
ImageList_GetBkColor
ImageList_Create
ImageList_DragEnter
CreatePropertySheetPageW
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Add
InitCommonControls
ImageList_GetImageInfo
PropertySheetW

shell32

ShellExecuteEx
SHGetPathFromIDListW
CommandLineToArgvW
SHBindToParent
ExtractIconA
SHGetDiskFreeSpaceExW
SHBrowseForFolder

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c82137813edf030754d0c9b35dfd7f4

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

oleaut32

ole32

comctl32

shell32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 137KB - Virtual size: 136KB

.data Size: 6KB - Virtual size: 6KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 137KB - Virtual size: 136KB

.data
Size: 6KB - Virtual size: 6KB