113ce9b2744d37a94255b6c675dde056

Sharing

Copy URL Twitter E-mail

General

Target

113ce9b2744d37a94255b6c675dde056
Size

388KB
MD5

113ce9b2744d37a94255b6c675dde056
SHA1

676b84388b649da08c25562332a088784449ff36
SHA256

6e9e358c32bd1a28706f96d759991a96fc73390eeaa24e65025089905833908e
SHA512

5cee667fe075d02997bda86bbd802b3c8665c8eb30c176b9e3a82fa665baa5bdde61d88db21f85055b56d2728aebd24b90d623d91bb148f5f1ab20ace2cc745e
SSDEEP

12288:iKjoKnK58utGqWml/FwqKqUvm/V8I4vI2CRV:iKjVKGVuFzKqKm/14vjC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
113ce9b2744d37a94255b6c675dde056

Files

113ce9b2744d37a94255b6c675dde056
.exe windows:4 windows x86 arch:x86

a4cb75389807edcfedcf02d616c2df1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetCurrentThread
IsBadWritePtr
GetLastError
SetLastError
LeaveCriticalSection
GetVersion
EnterCriticalSection
WideCharToMultiByte
VirtualFree
QueryPerformanceCounter
GetEnvironmentStrings
ExitProcess
WriteFile
HeapReAlloc
TlsFree
GlobalFix
HeapCreate
GetCommandLineA
GetCurrentThreadId
GetStringTypeA
FreeEnvironmentStringsA
GetACP
GetCPInfo
LCMapStringW
MultiByteToWideChar
SetHandleCount
GetEnvironmentStringsW
GetCurrentProcess
GetOEMCP
LoadLibraryA
HeapDestroy
DeleteCriticalSection
TlsSetValue
TerminateProcess
GetStartupInfoA
GetSystemTimeAsFileTime
GetStringTypeW
GetFileType
GetTickCount
InitializeCriticalSection
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetModuleHandleA
GetStdHandle
VirtualQuery
TlsAlloc
LCMapStringA
RtlUnwind
TlsGetValue
InterlockedExchange
GetProcAddress
VirtualAlloc
GetCurrentProcessId
HeapAlloc

gdi32

SetWinMetaFileBits
SetColorSpace
PlayMetaFile
GetICMProfileA
SetBitmapBits
Rectangle
CreateScalableFontResourceA
GdiPlayDCScript
CreateColorSpaceW
GetArcDirection
GetCharABCWidthsFloatW
MaskBlt
ColorMatchToTarget
EnumFontsA
DeviceCapabilitiesExW

user32

EnumThreadWindows
RegisterHotKey
RegisterClassExW
InflateRect
TrackMouseEvent
DdeInitializeW
CopyAcceleratorTableW
IsCharAlphaA
GetCapture
ToAsciiEx
SetWindowPlacement
LockWindowUpdate
DdePostAdvise
SendIMEMessageExA
SetUserObjectSecurity
DdeKeepStringHandle
GetWindowModuleFileNameW
CreateAcceleratorTableW
GetMenu
GetClipboardSequenceNumber
PostThreadMessageW
GetMenuContextHelpId
SetDlgItemTextA
TabbedTextOutA
ToAscii

comdlg32

LoadAlterBitmap
ChooseColorA
PageSetupDlgA

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4cb75389807edcfedcf02d616c2df1c

Headers

File Characteristics

Imports

kernel32

gdi32

user32

comdlg32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 4KB - Virtual size: 18KB

.data Size: 276KB - Virtual size: 276KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 4KB - Virtual size: 18KB

.data
Size: 276KB - Virtual size: 276KB

.rsrc
Size: 8KB - Virtual size: 8KB