0990e32b124536c31ef5d775c56e8963

Sharing

Copy URL Twitter E-mail

General

Target

0990e32b124536c31ef5d775c56e8963
Size

156KB
MD5

0990e32b124536c31ef5d775c56e8963
SHA1

62c4ccd65452c38a663b96e4a60f3cea471afbac
SHA256

cb261a506b111d4007e82b3e71e4da57b889a1482bfa2093afecd95e9531827b
SHA512

3553a2c0846e0f774736991b424d92a11e33d2594ffc04655a6c7e84ba590f5365f24ffd7173b74221616b41724b5ab4d59a9e77eea294be1da0cb05377d1583
SSDEEP

3072:H0gEMwy3BDoBeIxlegNV4w+bAoO659Ex+kLMFoJMuh/1U1u3:H2LWB+e2j0DXEx+kwoJMufAu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0990e32b124536c31ef5d775c56e8963

Files

0990e32b124536c31ef5d775c56e8963
.exe windows:4 windows x86 arch:x86

966fbc9a6065699b217dc84bb26922c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetCommandLineW
GetSystemPowerStatus
lstrlenA
GetCurrentDirectoryA
CloseHandle
GetLastError
GetUserDefaultLangID
GlobalMemoryStatus
GetProcAddress
LoadLibraryA
IsBadReadPtr
SetUnhandledExceptionFilter
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
ReadFile
LocalFree
GetOEMCP
GetACP
GetCPInfo
MultiByteToWideChar
GetVersionExA
FlushFileBuffers
SetStdHandle
IsBadWritePtr
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
WriteFile
IsBadCodePtr
GetCurrencyFormatA
SetLastError
SetEndOfFile
lstrcatA
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
HeapFree
HeapSize
GetCurrentProcess
TerminateProcess
CreateFileA
GetCurrentThreadId
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapReAlloc
HeapAlloc

user32

PostMessageA
GetWindowTextA
SetLastErrorEx
CreateWindowExA
SetRect
DestroyWindow
GetClassInfoW
GetSysColor
DrawCaption
CloseWindow
FindWindowA
GetParent
IsCharAlphaA
CopyImage
LoadCursorFromFileA
GetDesktopWindow
EnumChildWindows
MessageBoxA
SetCursorPos
FlashWindow
OpenIcon
wsprintfA
MoveWindow
RegisterHotKey
PeekMessageA
GetThreadDesktop
GetUserObjectInformationA
DrawIcon
GetWindowTextLengthA

gdi32

CreateRectRgn
CreateHatchBrush
ExtTextOutA
CreateBrushIndirect

winspool.drv

OpenPrinterA
GetJobA

shell32

CommandLineToArgvW
ExtractIconA

shlwapi

PathGetCharTypeA
PathIsSameRootA

comctl32

ord17

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

966fbc9a6065699b217dc84bb26922c7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

shell32

shlwapi

comctl32

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 11KB

.rsrc Size: 93KB - Virtual size: 92KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 11KB

.rsrc
Size: 93KB - Virtual size: 92KB