1107607941295ed729631c248d70aa99

General

Target

1107607941295ed729631c248d70aa99
Size

110KB
MD5

1107607941295ed729631c248d70aa99
SHA1

523cdd764e23694804a8af7180e1b185241258a0
SHA256

787d6a0606fe27328bff965a7e972d3465f3fb6681577d204a885525deffbce9
SHA512

63b150c51c798bac72474f03aa8296cdc404a5e0036a490a5d25b6a6d46eff1eb88d520ac8ca60bb6378c611367bee77e2faae5c0f401c7df6c5157f1cdb5d6f
SSDEEP

1536:Bv7KfK0tWl6BQpPlEPhm90PK+Ac9aI0JJto1eTkPcjb7OlNJrRG3Pv:BzKfKuglOw0y+3dInb0NhE3Pv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1107607941295ed729631c248d70aa99

Files

1107607941295ed729631c248d70aa99
.exe windows:5 windows x86 arch:x86

304a39f0872822f2a0443a2d354f2387

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeviceIoControl
SetLastError
SetUnhandledExceptionFilter
GetLocaleInfoA
FreeEnvironmentStringsA
RaiseException
ExpandEnvironmentStringsA
GetStartupInfoA
GetModuleHandleA
VirtualProtect

user32

GetCursorPos
GetSysColor
DispatchMessageA
WaitMessage
SetForegroundWindow
SetScrollPos
FindWindowA
RegisterClipboardFormatA

msvcrt

__pioinfo
fputc
_XcptFilter
__setusermatherr
_adjust_fdiv
_initterm
sqrt
_errno
__getmainargs
localtime
_except_handler3
wcsncmp
__set_app_type
__p__fmode
_controlfp
_utime
__p__commode
exit
_acmdln

oleaut32

SafeArrayCreate
SafeArrayGetUBound
SysAllocStringByteLen
VariantClear
LoadTypeLib
SysStringByteLen
VariantCopyInd
SysFreeString
CreateErrorInfo

advapi32

RevertToSelf
RegDeleteValueW
RegOpenKeyA
RegFlushKey
CloseServiceHandle
RegQueryValueExA
CryptHashData

comctl32

ImageList_AddMasked
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Destroy
CreatePropertySheetPageW
ImageList_Replace

shell32

SHBrowseForFolderA
SHFileOperationA
ExtractIconW
SHGetSpecialFolderLocation
SHGetMalloc
SHBindToParent
SHGetFolderPathA
SHGetFolderLocation

ole32

StgCreateDocfileOnILockBytes
CoGetMalloc
OleDraw
StgOpenStorage
CreateItemMoniker
StringFromGUID2
StgOpenStorageOnILockBytes
CoRevokeClassObject
CreateStreamOnHGlobal

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

304a39f0872822f2a0443a2d354f2387

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

oleaut32

advapi32

comctl32

shell32

ole32

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB