134f5d0de53dcea22f2e56b0ad43bd3b

Sharing

Copy URL Twitter E-mail

General

Target

134f5d0de53dcea22f2e56b0ad43bd3b
Size

900KB
MD5

134f5d0de53dcea22f2e56b0ad43bd3b
SHA1

9190916e593147dc32835960d405652cfdce3acc
SHA256

e42c30167f67f196c6ccffc5b8a501a759ff3d915ac492f88bb5b406ce595723
SHA512

a16e113aeb9270935b001339db495c74272d6fa30825d7a23985eb6190a17e8cd68cc7975f7a9ffb4c0a1f84f6f7d6983e1de293e62cda8d017aa5ab31f7aeb7
SSDEEP

24576:DbT4fRqrvcuZYrm/wZDL8+WfRbinSQJSxSK9GM:fTtkEw+4A+CTQJpK9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
134f5d0de53dcea22f2e56b0ad43bd3b

Files

134f5d0de53dcea22f2e56b0ad43bd3b
.exe windows:5 windows x86 arch:x86

48f735f96a3b1548aa965c452d6be03b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
HeapDestroy
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcAddress
Sleep
GetProcessHeap
GetModuleHandleA
InitializeCriticalSection
ReadFile
SetFilePointer
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
CreateFileMappingW
VirtualQuery
UnmapViewOfFile
GetModuleHandleW
SetUnhandledExceptionFilter
GetStartupInfoA
LoadLibraryA
GetCommandLineA
GetTempFileNameW
FindResourceExW
FindResourceW
LoadResource
SetFilePointerEx
CreateDirectoryW
SizeofResource
FormatMessageW
GetVersionExW
GetModuleFileNameW
CreateFileW
lstrlenW
GetTempPathW
RaiseException
LockResource
RemoveDirectoryW
CloseHandle
DeleteFileW
LocalFree
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
GetStartupInfoW
MapViewOfFile

comctl32

InitCommonControlsEx

shlwapi

PathQuoteSpacesW

gdiplus

GdipCreateBitmapFromStream
GdiplusStartup
GdipCloneImage
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdipFree
GdipAlloc
GdipDisposeImage

gdi32

GetStockObject
GetObjectW
SetBkMode
CreateFontIndirectW

ole32

CoInitializeEx
CreateStreamOnHGlobal
CoUninitialize

user32

DestroyWindow
GetMessageW
PostMessageW
TranslateMessage
IsDialogMessageW
LoadIconW
GetWindowLongW
IsWindowEnabled
GetDlgItem
CheckDlgButton
EnumChildWindows
ShowWindow
MessageBoxW
CharLowerBuffW
wvsprintfW
DispatchMessageW
GetWindow
SendMessageW
IsWindowVisible
CreateDialogParamW
IsDlgButtonChecked

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 813KB - Virtual size: 813KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48f735f96a3b1548aa965c452d6be03b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

shlwapi

gdiplus

gdi32

ole32

user32

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 813KB - Virtual size: 813KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 813KB - Virtual size: 813KB

.reloc
Size: 6KB - Virtual size: 6KB