103f06c65837c1c75a670592295152d3

Sharing

Copy URL

Twitter E-mail

General

Target

103f06c65837c1c75a670592295152d3
Size

135KB
MD5

103f06c65837c1c75a670592295152d3
SHA1

d855f171e3141992b12d86653e56e6929a86fe51
SHA256

2605d952460281132e1d77cbc93f82e9621f72202453c7f02e7c4f8ad1760183
SHA512

bc5dd55b87dd6298d588730d23dc8c57fded2dca64937c9f48a3a6ed901c1bf0d42fa00ffe8c6e192438f302683f5caf96b2f89033c455de9f560801af98e6c3
SSDEEP

1536:ps4RzTvvt8TxmdJA53/R2YoSo6yqkJOQl9dPeRE6YFiUO+J44FT:GqCT+yByoQ9PeO6uxJ4kT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
103f06c65837c1c75a670592295152d3

Files

103f06c65837c1c75a670592295152d3
.exe windows:4 windows x86 arch:x86

3c82aab725a8bbf26ad6bcdb1fdf4aca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenu
GetWindowDC
GetTopWindow
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
UnregisterClassA

kernel32

GetTickCount
SetLastError
SetThreadLocale
GlobalAddAtomA
LockResource
GetProcAddress
VirtualAlloc
VirtualQuery
GetOEMCP
GetUserDefaultLCID
SetFilePointer
lstrlenA
lstrcatA
lstrcpyA
WaitForSingleObject
LoadResource
EnterCriticalSection
lstrcmpA
GetCommandLineA
lstrlenW
LoadLibraryA
lstrcpynA
ExitProcess
GetFileAttributesA
VirtualAllocEx
GetModuleHandleW
SetEndOfFile
WriteFile
GetCurrentProcessId
FindFirstFileA
LocalFree
GetLocaleInfoA
GetStringTypeA
GetDiskFreeSpaceA
IsBadHugeReadPtr
FindResourceA
DeleteFileA
ExitThread
CreateEventA
HeapAlloc
GetLastError
ResetEvent
LocalAlloc
RaiseException
WideCharToMultiByte
GetModuleHandleA
GetVersion
CreateThread
MoveFileA
GetModuleFileNameA
DeleteCriticalSection
GetCPInfo
SizeofResource

comctl32

ImageList_GetBkColor
ImageList_Add

ole32

CLSIDFromString
StgOpenStorage
OleRegGetUserType
MkParseDisplayName

Exports

Exports

OuTL0Se85gPGw@12

Sections

CODE
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jkdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c82aab725a8bbf26ad6bcdb1fdf4aca

Headers

File Characteristics

Imports

user32

kernel32

comctl32

ole32

Exports

Exports

Sections

CODE Size: 12KB - Virtual size: 12KB

DATA Size: 10KB - Virtual size: 122KB

.jkdata Size: 107KB - Virtual size: 106KB

.edata Size: 2KB - Virtual size: 1KB

.idata Size: 512B - Virtual size: 80B

.rsrc Size: 1KB - Virtual size: 1KB

CODE
Size: 12KB - Virtual size: 12KB

DATA
Size: 10KB - Virtual size: 122KB

.jkdata
Size: 107KB - Virtual size: 106KB

.edata
Size: 2KB - Virtual size: 1KB

.idata
Size: 512B - Virtual size: 80B

.rsrc
Size: 1KB - Virtual size: 1KB