129428aa329c75a14ae5332122740d96

General

Target

129428aa329c75a14ae5332122740d96
Size

220KB
MD5

129428aa329c75a14ae5332122740d96
SHA1

0dfdc97da19bba738845d124f1e931ba2f2850a6
SHA256

03f74ac8a6dab137374902c080cb0596c63b6d150c36bf3e5c33eb4b0bb9343e
SHA512

4f1a8b2e6901a4e35b24ff6865ad252f53041625691fe48561a70d989d2be444eb1dac93e6e8259e62af37a2606cff89eac9aa85cafaf38f85ce378475d67503
SSDEEP

6144:AlaoBUYIhfa0FMfs8PUZxanSEBSgzevzQImR:AnOYIseYJPUZUnSqqbrmR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
129428aa329c75a14ae5332122740d96

Files

129428aa329c75a14ae5332122740d96
.exe windows:4 windows x86 arch:x86

019e9405cc0c0e9b3fc90b0e0f943246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetCurrentThread
GetCurrentProcess
DeleteTimerQueue
TlsAlloc
Sleep
LoadLibraryA
GetProcAddress
VirtualProtect
GetModuleHandleA
CreateEventA
SuspendThread
GetFileType
ResetEvent
GetCurrentThreadId
GetLastError
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
HeapAlloc
GetCPInfo
GetLocaleInfoA
OpenEventA
GetOEMCP
GetACP
HeapFree
GetSystemInfo
HeapCreate
HeapDestroy
SetHandleCount
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW

user32

IsChild
LoadCursorA
GetDesktopWindow
GetDC
GetSysColorBrush
SetTimer
ReleaseDC
CreateIcon
IsIconic
SetCursorPos
GetWindowRect
SetCursor
InSendMessage
SendMessageA
LoadAcceleratorsA
FindWindowA
GetCursorPos

gdi32

FloodFill

shell32

ord195

psapi

GetWsChanges

msvfw32

DrawDibEnd
ICOpen

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

019e9405cc0c0e9b3fc90b0e0f943246

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

psapi

msvfw32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 32KB - Virtual size: 33KB

.rsrc Size: 156KB - Virtual size: 153KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 32KB - Virtual size: 33KB

.rsrc
Size: 156KB - Virtual size: 153KB