097cf3d90d6c3f016e4556e38f65a85d

Sharing

Copy URL Twitter E-mail

General

Target

097cf3d90d6c3f016e4556e38f65a85d
Size

494KB
MD5

097cf3d90d6c3f016e4556e38f65a85d
SHA1

ae4f99c66417f011f3c9ee2f5b62d4e8cadbf008
SHA256

8c8894367b231efefb4c9124f68b47afb584a4fa097dff91aefa52a8dc2c30f4
SHA512

de46dbffa94d1b8f504e07e3ab705719294cb4b48281ef101bfaffbcbffb564b1f75d1f020c0324c7910edbd481e16db358f3b54e95e9df6669e6d3753c16127
SSDEEP

12288:JBt37jslCUR6QnJRaJ0Bycbk1/bDdAWO/N7hkMG:JXfszlBJbk1/bD2W4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
097cf3d90d6c3f016e4556e38f65a85d

Files

097cf3d90d6c3f016e4556e38f65a85d
.exe windows:4 windows x86 arch:x86

2e8e3466bf40e519714b4fca01d6f5ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

LoadAlterBitmap
FindTextA
GetFileTitleW
PageSetupDlgW

wininet

ShowSecurityInfo
FindFirstUrlCacheContainerA
InternetFindNextFileA

gdi32

CreatePatternBrush
GetEnhMetaFileDescriptionW
GetCharABCWidthsFloatA
ExtFloodFill
CreateHalftonePalette
ExcludeClipRect
UpdateColors
GetViewportOrgEx
PolyTextOutW
GetMetaFileW
ColorMatchToTarget
GetViewportExtEx
SetMetaFileBitsEx
ScaleViewportExtEx
SetBitmapDimensionEx
DrawEscape
SetGraphicsMode

advapi32

RegOpenKeyW
RegCreateKeyA
RegSaveKeyW
RegQueryInfoKeyA
RegOpenKeyExW
CryptGetUserKey
CryptEnumProvidersW
CreateServiceA
CryptDestroyKey

user32

SetWindowTextA
RegisterClassA
LoadKeyboardLayoutW
RegisterClassExA
EnumDesktopsA

comctl32

InitCommonControlsEx

kernel32

SetFilePointer
LCMapStringA
GetTimeZoneInformation
GetStringTypeA
GetCommandLineA
MultiByteToWideChar
IsValidCodePage
VirtualAlloc
LCMapStringW
TlsAlloc
SetLastError
SetEnvironmentVariableA
WriteConsoleA
GetTimeFormatA
GetUserDefaultLCID
LoadLibraryA
TlsSetValue
UnhandledExceptionFilter
IsDebuggerPresent
WriteConsoleW
GetConsoleOutputCP
CopyFileExA
HeapSize
GetFileType
TlsGetValue
GetCurrentThreadId
DeleteCriticalSection
EnterCriticalSection
HeapFree
RtlUnwind
CompareStringA
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsW
Sleep
GetDateFormatA
GetProcAddress
GetCommandLineW
SetConsoleCtrlHandler
QueryPerformanceCounter
LeaveCriticalSection
GetModuleFileNameA
GetCurrentThread
GetOEMCP
InterlockedIncrement
HeapAlloc
GetLocaleInfoW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
CreateFileA
HeapCreate
WideCharToMultiByte
SetStdHandle
GetModuleHandleW
TerminateProcess
GetStdHandle
HeapDestroy
CompareStringW
FlushFileBuffers
GetCPInfo
InitializeCriticalSectionAndSpinCount
ExitProcess
HeapReAlloc
CreateMutexA
GetModuleHandleA
FreeLibrary
GetConsoleCP
GetLastError
GetTickCount
GetSystemTimeAsFileTime
ReadFile
InterlockedDecrement
GetLocaleInfoA
WriteFile
VirtualQuery
OpenMutexA
GetStartupInfoW
InterlockedExchange
GetStringTypeW
TlsFree
VirtualFree
GetCurrentProcess
GetModuleFileNameW
FindResourceExA
GetCurrentProcessId
GetACP
IsValidLocale
CloseHandle
EnumSystemLocalesA
lstrcmpiW

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e8e3466bf40e519714b4fca01d6f5ea

Headers

File Characteristics

Imports

comdlg32

wininet

gdi32

advapi32

user32

comctl32

kernel32

Sections

.text Size: 159KB - Virtual size: 158KB

.rdata Size: 10KB - Virtual size: 36KB

.data Size: 319KB - Virtual size: 318KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 159KB - Virtual size: 158KB

.rdata
Size: 10KB - Virtual size: 36KB

.data
Size: 319KB - Virtual size: 318KB

.rsrc
Size: 5KB - Virtual size: 5KB