126053874549c907ee097db2e24e02d3

Sharing

Copy URL Twitter E-mail

General

Target

126053874549c907ee097db2e24e02d3
Size

183KB
MD5

126053874549c907ee097db2e24e02d3
SHA1

09ba7223c875c112c21865284dc189c39c4bbf09
SHA256

142494def5bd2b371c61ea110a7f5cabf5f519401f0b0a55a40ae445858b0075
SHA512

dca7c2ee6bac75bf9fa18b2b8cae0894842fcc5e5caf80446d193ebef67e0ea4e29dc64f52de066f266143b1664ea4ef211c62af4a89edceeb0feeb00bb5305d
SSDEEP

3072:RRiuIPkUwzMrzGhI1qS93sHvaOPsezDlCBBVuoWuf1nT7t3T:RUW5MrUI1qQ3uvawJzDouoWmhT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
126053874549c907ee097db2e24e02d3

Files

126053874549c907ee097db2e24e02d3
.exe windows:4 windows x86 arch:x86

8b1d5e1ae72986bb26ba3be6a97c80f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
FindClose
GetModuleHandleA
GetCalendarInfoW
GetLastError
IsWow64Process
GetCurrentDirectoryW
InterlockedCompareExchange
WaitForSingleObject
SearchPathW
GetModuleFileNameW
Sleep
SetFileAttributesW
VirtualProtect
ReleaseMutex
FreeLibrary
GetCurrentProcess
lstrcmpiW
OpenProcess
GetTickCount
SetLastError
UnhandledExceptionFilter
OutputDebugStringA
CreateDirectoryW
LocalAlloc
GetSystemTimeAsFileTime
EnumResourceNamesA
InterlockedExchange
GetFileInformationByHandle
CreateFileMappingW
EnterCriticalSection
LocalFree
FindNextFileW
SetEnvironmentVariableW
MultiByteToWideChar
ExitProcess
InitializeCriticalSection
SetUnhandledExceptionFilter
OutputDebugStringW
GetCurrentThreadId
GetProcessId
GetModuleHandleW
GetLogicalDriveStringsW
GetFileSizeEx
GetProcAddress
EncodePointer
DuplicateHandle
UnmapViewOfFile
FindFirstFileW
VirtualQuery
LoadLibraryW
QueryPerformanceCounter
WideCharToMultiByte
GetFileAttributesW
QueryDosDeviceW
lstrlenW
CreateMutexW

shlwapi

PathSkipRootW
StrDupW
PathGetArgsW
PathIsUNCW
SHRegGetValueW
PathFindFileNameW

gdiplus

GdipGetImageWidth
GdipDisposeImage

user32

GetPropW
AllowSetForegroundWindow
GetClassNameW
GetGUIThreadInfo
GetWindowThreadProcessId
GetForegroundWindow

ole32

CoGetDefaultContext
CoInitialize
CoUninitialize
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree

advapi32

EncryptFileW
RegQueryInfoKeyW
RegEnumValueW
RegOpenKeyExW
DecryptFileW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyW
RegSetValueExW
RegCloseKey

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b1d5e1ae72986bb26ba3be6a97c80f7

Headers

File Characteristics

Imports

kernel32

shlwapi

gdiplus

user32

ole32

advapi32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 74KB - Virtual size: 74KB

.edata Size: 1024B - Virtual size: 380KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 74KB - Virtual size: 74KB

.edata
Size: 1024B - Virtual size: 380KB