094b1175b4296b7a50720a52f8101bfd

Sharing

Copy URL Twitter E-mail

General

Target

094b1175b4296b7a50720a52f8101bfd
Size

432KB
MD5

094b1175b4296b7a50720a52f8101bfd
SHA1

713db9599cfcc7b78048d34f6073f6583dd23708
SHA256

e1a1fe7fe3f1216f707b55248d2a655f780362c2cf454296c8780aa6f6ad0a51
SHA512

ea4bef6abbe613640176567048b15d39e55aee8f04a22b17b433b5d780b6dbfdc9382fe99291713fc8b71ee390996c91732f6a88a2c5cb7f0f922152578b72b2
SSDEEP

6144:qZirCp/SAxT6Kr1VCmLxaUJOpPTSXoDSbR8dkHAkKmooTLzM30E8jocfBR4s6Es9:GFLYUJ/XoDihZzEofBRsEsfQXh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
094b1175b4296b7a50720a52f8101bfd

Files

094b1175b4296b7a50720a52f8101bfd
.exe windows:4 windows x86 arch:x86

e3c2139a6d3076d24169b4d90033aecb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
TlsFree
RaiseException
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
SetFileTime
LockResource
GetCurrentProcessId
GetEnvironmentStrings
GetModuleFileNameA
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
GetFileType
CreateFileW
FindFirstFileW
CreateFileMappingA
CompareStringA
FindFirstFileA
lstrcmpA
GetProcessHeap
GetProcAddress
GetWindowsDirectoryA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
SetHandleCount
EnterCriticalSection
InterlockedIncrement
ReadFile
SetEndOfFile
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
RemoveDirectoryA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
SetLastError
FindClose
LoadResource
InitializeCriticalSection
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
WriteFile
GetStringTypeA
WideCharToMultiByte
SetStdHandle
FreeEnvironmentStringsW
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapFree
HeapDestroy
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetSystemDefaultLangID
GetCurrentThread
GetSystemDefaultLCID
GetUserDefaultLangID
GetUserDefaultLCID
CloseHandle
GetACP
GetModuleHandleW
GetVersion
InterlockedExchange
SizeofResource
IsValidCodePage
HeapCreate
VirtualFree
Sleep
FindResourceA
VirtualAlloc
GetCurrentThreadId
GetOEMCP

advapi32

RegDeleteValueA
RegSetValueExA
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

gdi32

SelectObject
CreateCompatibleDC
GetStockObject
DeleteDC
SetBkMode
DeleteObject

user32

SetCursor
ReleaseDC
GetClientRect
SystemParametersInfoA
GetSysColor
MessageBoxA
EndDialog
GetDesktopWindow
LoadIconA
LoadCursorA
GetDlgItem
CreateWindowExA
PtInRect
DispatchMessageA
SetWindowTextA
SetWindowLongA
ReleaseCapture
GetWindowRect
GetSystemMetrics
BeginPaint
MapWindowPoints
SetTimer
GetWindowLongA
RegisterClassA
EnableMenuItem
GetWindow
TranslateMessage
EnableWindow
ShowWindow
GetParent
DestroyWindow
SendMessageA
GetCursorPos
GetDC
IsWindow
SetWindowPos
PostQuitMessage
SetForegroundWindow

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 360KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3c2139a6d3076d24169b4d90033aecb

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 360KB - Virtual size: 356KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 360KB - Virtual size: 356KB

.rsrc
Size: 8KB - Virtual size: 6KB