126ab02735f41b6c2d415e0f868200ee

Sharing

Copy URL Twitter E-mail

General

Target

126ab02735f41b6c2d415e0f868200ee
Size

79KB
MD5

126ab02735f41b6c2d415e0f868200ee
SHA1

f0de18bc811a50bed97a0556f6005d0e92923e65
SHA256

21363fa93250b3179367fc8ba0575447f66717408e89ea0e490591273b9b4e41
SHA512

c7f3fa9dba0c779a81276f67dd3ecc5f657f5323d5dc34d5cf3b7a7bf58d06e254d288dfebf39d160154a01a6e59cb384dd67f2fc915fda178d2510eb3b603fe
SSDEEP

1536:O8ur2PTq5D1jOCCREzN6d/C3SYxgHevNw36BcA4q6wqEqe:O8PT81oREz8dex9JyA5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
126ab02735f41b6c2d415e0f868200ee

Files

126ab02735f41b6c2d415e0f868200ee
.exe windows:5 windows x86 arch:x86

b6c8632af89c4347ff6ad7a2613b6c80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsUNCA

kernel32

GetCommConfig
lstrlenA
GetFullPathNameA
GetTempFileNameW
TryEnterCriticalSection
lstrcmpA
CopyFileW
FindNextFileA
GetCommandLineA
TlsSetValue
GetModuleHandleA
WaitCommEvent
CloseHandle
GetCurrentThreadId
RemoveDirectoryA
lstrlenW
FindResourceW
CreateFileW
lstrcpyA
GetCommProperties
GetStartupInfoA
RaiseException
lstrcmpW
SetThreadContext
GlobalGetAtomNameA
GetDateFormatA
GetShortPathNameW
LeaveCriticalSection
CreateWaitableTimerW
SetWaitableTimer
ConnectNamedPipe
OpenFileMappingW
OpenEventA
GetUserDefaultUILanguage
ClearCommBreak
GetBinaryTypeA
SetFilePointer
ClearCommError
CancelWaitableTimer
EnumResourceLanguagesA
UnhandledExceptionFilter
IsDBCSLeadByte
EnumSystemLocalesA
GetComputerNameExW
MoveFileExW
CreateNamedPipeW
GetUserDefaultLangID
GetLastError
GetLocaleInfoA
lstrcatA
LocalReAlloc
GetWindowsDirectoryW
FreeLibrary
AreFileApisANSI
VerSetConditionMask

msvcrt

memset
towlower
_controlfp
__set_app_type
wcscoll
__p__fmode
strspn
printf
getenv
fputc
strtoul
strcspn
isprint
mbstowcs
free
__p__commode
fputs
wcsncmp
wcstok
_amsg_exit
iswspace
localtime
iswdigit
swprintf
sprintf
strcoll
malloc
_initterm
fprintf
fflush
ungetc
wcscpy
clock
atoi
_ismbblead
calloc
fseek
toupper
setlocale
gmtime
puts
strstr
_XcptFilter
getc
_exit
atol
swscanf
_cexit
__setusermatherr
__getmainargs

user32

IsCharAlphaNumericW
GetPropW
CharNextW
GetMenuItemID
GetFocus
SendMessageTimeoutA
SendDlgItemMessageA
InvalidateRgn
GetKeyState
InternalGetWindowText
wsprintfW
DefWindowProcW
LoadCursorW
SendMessageTimeoutW
GetMenuItemCount
LoadIconA
DrawAnimatedRects
GetAsyncKeyState
LoadMenuW
SetWindowLongW
DefWindowProcA
EndPaint
GetWindowTextA
GetUpdateRect
CopyRect
DestroyCursor
RegisterClassA
TabbedTextOutW
InflateRect
SetDlgItemInt
EnableWindow
SetMenuItemInfoW
DrawStateW
OpenInputDesktop
CreateCaret
GetClipCursor
SendMessageA
DrawFrameControl
SetScrollPos
LoadAcceleratorsA
SetParent
IsDlgButtonChecked
PostThreadMessageA
ChildWindowFromPoint
GetUserObjectInformationW
SetMenuDefaultItem
IsWindow
RemovePropW
AppendMenuW
CheckRadioButton
GetKeyboardLayoutList
MapWindowPoints
GetCaretPos
PostMessageW
IsCharUpperA
CreateDialogParamA
ArrangeIconicWindows
CheckMenuItem
SetCaretPos
GetWindowLongA
GetScrollRange
DispatchMessageA
SetWindowPos
VkKeyScanW
OemToCharBuffA
DestroyCaret
SendMessageW
wsprintfA
GetClientRect
CharNextA
CharLowerA
DrawIcon
LoadStringW
GetMenu
RegisterClassExW
DestroyIcon
LoadBitmapA
CreateCursor
GetLastActivePopup
CharToOemBuffA
wvsprintfW
CheckDlgButton
GetWindowPlacement
DestroyAcceleratorTable
MessageBoxA
EnumWindows
CreateWindowExW
GetMenuItemInfoW
GetSysColorBrush
DrawTextExW
GetScrollPos
ClipCursor
SetClassLongW
ShowWindow
EnumChildWindows
RegisterHotKey
GetMessagePos
IsMenu
CharLowerW
ReleaseDC
OemToCharA
CreateIconFromResource
CallWindowProcW
CheckMenuRadioItem
UnionRect
GetWindowDC
DefFrameProcW
GetMenuItemRect
SetMenu
EnableScrollBar
SetWindowTextA
LoadImageA
GetDlgCtrlID
AdjustWindowRectEx
ReplyMessage
EqualRect
HideCaret
GetDlgItemInt
GetDCEx
IsWindowVisible
MapVirtualKeyExW

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6c8632af89c4347ff6ad7a2613b6c80

Headers

File Characteristics

Imports

shlwapi

kernel32

msvcrt

user32

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 88B

.read Size: 1024B - Virtual size: 60KB

.ips3 Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 2KB

.ips4 Size: 13KB - Virtual size: 13KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 1KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 88B

.read
Size: 1024B - Virtual size: 60KB

.ips3
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 2KB

.ips4
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 1KB - Virtual size: 1KB