101ca618fe65e8bc91e8a01e8086b486

Sharing

Copy URL Twitter E-mail

General

Target

101ca618fe65e8bc91e8a01e8086b486
Size

528KB
MD5

101ca618fe65e8bc91e8a01e8086b486
SHA1

400ef023ca4c568fd57b1907fecb839529e7aafd
SHA256

4081e7b9bc259606b3884c53e239cc1cd55300142bab7a37c4b4da0b53e250cd
SHA512

f31876aa84e6f3a5ea72fe7136384ea36500addc954002010db0c0c7199ac708f23488413f3b8f4723652961e3bf5e621b64cf14c96acfd9ff88e2dbbc3d5c4c
SSDEEP

12288:R5GrFi0SEI+3Y0gymRYT+RYa6oinLbPyMwhNVCyLIhr:R5GrFi0SQ3Y0gPi0soiL1wy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
101ca618fe65e8bc91e8a01e8086b486

Files

101ca618fe65e8bc91e8a01e8086b486
.exe windows:4 windows x86 arch:x86

6843af7013222ad58d5d56507270ece8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW
GetOpenFileNameW
FindTextA
GetOpenFileNameA

user32

EnumPropsW
DefWindowProcA
CreateWindowExW
RegisterClassA
LoadIconW
MessageBoxW
DestroyWindow
KillTimer
RealChildWindowFromPoint
ReuseDDElParam
ShowWindowAsync
OemKeyScan
GetWindowModuleFileNameW
DdeUnaccessData
CallWindowProcA
RegisterClassExW
BroadcastSystemMessageA
GetMenuItemID
SetParent
DdeAccessData
SetMenuItemInfoA
GetDlgItemTextW
ArrangeIconicWindows
DragObject
PostThreadMessageW
GetMenuItemInfoA
RegisterClassExA
ShowWindow
CharToOemBuffW
RealGetWindowClass

kernel32

GetStdHandle
GetThreadPriorityBoost
TerminateProcess
TlsSetValue
HeapFree
TlsAlloc
GetCPInfo
GetTickCount
InterlockedDecrement
GetSystemTimeAsFileTime
RtlUnwind
GetEnvironmentStrings
HeapDestroy
DeleteCriticalSection
SetFileAttributesW
LoadLibraryA
GetModuleHandleA
GetCommandLineW
GetLocalTime
CreateMutexA
SetEvent
HeapSize
GetProcAddress
OpenMutexA
GetVersion
SetFilePointer
InterlockedExchange
EnterCriticalSection
GetUserDefaultLCID
SetStdHandle
GetCurrentProcessId
GetCurrentThread
InterlockedIncrement
GetModuleFileNameW
GetCurrentThreadId
SetLastError
GetStartupInfoW
GetSystemTime
VirtualQuery
InitializeCriticalSection
GetFileType
GetWindowsDirectoryW
FlushFileBuffers
LCMapStringA
GetStringTypeW
GetModuleFileNameA
GetEnvironmentStringsW
UnhandledExceptionFilter
WideCharToMultiByte
CompareStringA
GetLastError
CloseHandle
GetStringTypeA
WriteFile
FreeEnvironmentStringsW
MultiByteToWideChar
SetEnvironmentVariableA
LCMapStringW
ReadFile
LoadLibraryExW
GetCommandLineA
OpenProcess
QueryPerformanceCounter
LocalReAlloc
ExitProcess
HeapCreate
TlsFree
SetHandleCount
VirtualAlloc
TlsGetValue
HeapAlloc
VirtualFree
IsBadWritePtr
GetCurrentProcess
CompareStringW
LeaveCriticalSection
GetTimeZoneInformation
FreeEnvironmentStringsA
HeapReAlloc
GetStartupInfoA

comctl32

ImageList_SetIconSize
ImageList_SetFlags
ImageList_SetDragCursorImage
DrawStatusTextW
ImageList_LoadImageA
ImageList_DragEnter
InitCommonControlsEx
ImageList_Write
ImageList_Merge
ImageList_GetImageRect
CreateMappedBitmap

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6843af7013222ad58d5d56507270ece8

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

comctl32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 252KB - Virtual size: 248KB

.data Size: 108KB - Virtual size: 112KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 252KB - Virtual size: 248KB

.data
Size: 108KB - Virtual size: 112KB

.rsrc
Size: 28KB - Virtual size: 27KB