1119a89c6b342d57c641b6a98f229195

Sharing

Copy URL Twitter E-mail

General

Target

1119a89c6b342d57c641b6a98f229195
Size

114KB
MD5

1119a89c6b342d57c641b6a98f229195
SHA1

e4c1f57c6ae42ea22faaf8d6c03ab5d8057f3e83
SHA256

1defec2d7590ed548b6f333c62402a97d48b3c90a63ebdec8ce56edc0b86f2ec
SHA512

8f6b88cd02b11217de05db07344208b67f04e774e59874c4cf246715f61c7baaaa8ee7478fef510b81efc0501097af28cc903ea4994f7a0d12827095ffacb0bc
SSDEEP

1536:0Mv3tc/FalEZtepQI7Pt92twh8j8rGFoXqOGGpGNHE:0MlcF8EXW77Pt92tes8rGoHpG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1119a89c6b342d57c641b6a98f229195

Files

1119a89c6b342d57c641b6a98f229195
.exe windows:4 windows x86 arch:x86

30930473b07a722afab2d0b38ea734b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateFreeThreadedMarshaler
CreateOleAdviseHolder
OleRun
CoGetObjectContext
CoGetContextToken
StringFromIID
CoCreateFreeThreadedMarshaler
ReleaseStgMedium
MkParseDisplayName
CoGetMalloc
OleRegGetUserType
PropVariantClear

comctl32

ImageList_Add
ImageList_DragShowNolock
ImageList_Destroy
ImageList_Write
ImageList_Remove
ImageList_Create
ImageList_DrawEx
ImageList_Add
ImageList_Draw
ImageList_DrawEx

kernel32

GetProcAddress
GetModuleHandleA
GetCommandLineA
GetLastError
GlobalAlloc
VirtualAlloc
ExitThread
ExitProcess
GetVersion
GetTickCount
SetFilePointer
GetLocalTime
FreeResource
GetProcAddress
GetCurrentThread
GetTickCount

oleaut32

SysFreeString
SysStringLen
SysReAllocStringLen
VariantChangeType
SafeArrayGetUBound
RegisterTypeLib
SafeArrayPtrOfIndex
VariantChangeType
GetErrorInfo
SafeArrayGetElement

user32

CreateIcon
SetParent
CharUpperBuffA
SetRect
InsertMenuA
OemToCharA
GetFocus
EnableWindow
IntersectRect
MsgWaitForMultipleObjects

gdi32

GetPaletteEntries
SelectPalette
GetCurrentPositionEx
CreateCompatibleBitmap
LineTo
GetObjectA
CreateBrushIndirect
LineTo
GetCurrentPositionEx
CopyEnhMetaFileA
CreatePalette
CreateDIBSection
SelectPalette
GetDIBits
SetTextColor

shlwapi

SHGetValueA
SHQueryValueExA
SHDeleteValueA
SHSetValueA
SHDeleteKeyA
PathIsContentTypeA
PathFileExistsA
SHStrDupA
SHQueryInfoKeyA
PathIsDirectoryA
PathIsContentTypeA
SHDeleteValueA
SHDeleteKeyA
PathGetCharTypeA
SHQueryInfoKeyA
PathFileExistsA

shell32

SHGetDiskFreeSpaceA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFileInfoA
SHGetSpecialFolderLocation
SHFileOperationA
SHGetDiskFreeSpaceA
Shell_NotifyIconA
SHGetFolderPathA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
FindTextA
ChooseColorA

version

GetFileVersionInfoA
VerQueryValueA

advapi32

RegLoadKeyA
RegOpenKeyA
RegCreateKeyExA

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 495B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 433B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30930473b07a722afab2d0b38ea734b1

Headers

File Characteristics

Imports

ole32

comctl32

kernel32

oleaut32

user32

gdi32

shlwapi

shell32

comdlg32

version

advapi32

Sections

.text Size: 31KB - Virtual size: 31KB

DATA Size: 512B - Virtual size: 495B

.idata Size: 79KB - Virtual size: 79KB

.tls Size: 512B - Virtual size: 433B

BSS Size: 1024B - Virtual size: 776B

.text
Size: 31KB - Virtual size: 31KB

DATA
Size: 512B - Virtual size: 495B

.idata
Size: 79KB - Virtual size: 79KB

.tls
Size: 512B - Virtual size: 433B

BSS
Size: 1024B - Virtual size: 776B