141929b19228f2c02c429db0fa776aa9

Sharing

Copy URL Twitter E-mail

General

Target

141929b19228f2c02c429db0fa776aa9
Size

279KB
MD5

141929b19228f2c02c429db0fa776aa9
SHA1

9d2a9a14017f28699dbb8352ab41d8499e687dad
SHA256

a8b28b5bb7b420b6e458845f79b31df9257bc0f7de6753306b8b42f49a47ae40
SHA512

4e070842433849fab194e70af23695c7fe65ed49d87cdb53872bad0f352b0d64361a06baed4c193f0efb674c8709e91884619b7b7fc847523e6fe32ad65a5591
SSDEEP

6144:kRAw9N23OMYz+3cVfqeXVqyGnY4YXoaUQ9t00YeckEFkV//:kR/MOVHEYbUSg5g//

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
141929b19228f2c02c429db0fa776aa9

Files

141929b19228f2c02c429db0fa776aa9
.exe windows:5 windows x86 arch:x86

bdedb796243ac52aa3465afa106ca204

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InvertRect
CreateMDIWindowW
ShowWindow
RegisterClassW
UpdateWindow
OffsetRect
FillRect
LoadAcceleratorsA
SendMessageW
DefWindowProcA
WindowFromPoint
GetMenuItemCount
InvalidateRgn
GetDlgItem
IsDialogMessageW
EnumWindows
GetSysColorBrush
CharToOemBuffA
EnumChildWindows
IsChild
GetDC
GetKeyboardLayoutList
CheckDlgButton
RegisterClassExW
GetParent
HideCaret
CreateMenu
DestroyCaret
DestroyMenu
ActivateKeyboardLayout
SetWindowPos
MoveWindow
SetCapture

ole32

OleCreate
OleFlushClipboard
OleCreateLinkFromData
CoGetClassObject
StgOpenStorageOnILockBytes
CLSIDFromProgID
OleCreateFromFile
CoRevokeClassObject
WriteFmtUserTypeStg
ReadFmtUserTypeStg
StringFromGUID2
OleQueryLinkFromData

kernel32

SetUnhandledExceptionFilter
GetLocalTime
Sleep
LocalAlloc
GetPriorityClass
ResetEvent
CompareFileTime
GlobalGetAtomNameA
ResumeThread
LCMapStringA
GetStartupInfoA
RaiseException
GetCurrentProcess
GetDateFormatA
ReadFile
GetFileType
SleepEx
GetEnvironmentStringsW
OpenFile
GetModuleFileNameW
InterlockedDecrement
SetStdHandle
SetFileTime
CreateProcessW
GetCurrentDirectoryA
GlobalAlloc
FileTimeToSystemTime
VirtualFree
GetStringTypeA
GlobalUnlock
GetUserDefaultLCID
GetCommandLineA
VirtualFree
GetACP
GlobalGetAtomNameW
SearchPathW
IsBadWritePtr
DeleteCriticalSection

atldpdd

_Nan
_Strcoll
_Getcvt
_FInf
_Dtest
_LCosh
_FDscale
_FDenorm
_Strxfrm
_Denorm

ntdll

NtTraceEvent
NtWriteFile
NtCreateMutant
ZwSetEvent
ZwProtectVirtualMemory
NtQueryInformationFile
NtSuspendThread

advapi32

RegSetValueExA
RegOpenKeyExA

gdi32

CreateRectRgnIndirect
SetROP2
MoveToEx
GetTextAlign
GetBitmapBits
GetStockObject
CreateBitmap
SetTextColor
SetViewportExtEx
EnumFontFamiliesExA
BitBlt
CreateDIBSection
DeleteDC
StretchDIBits
GetEnhMetaFileA
GetTextMetricsA
Polygon
EndDoc
SelectPalette
GetCurrentObject
SetRectRgn
GetSystemPaletteUse
SaveDC
Ellipse

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdedb796243ac52aa3465afa106ca204

Headers

DLL Characteristics

File Characteristics

Imports

user32

ole32

kernel32

atldpdd

ntdll

advapi32

gdi32

Sections

.text Size: 199KB - Virtual size: 199KB

.data Size: 42KB - Virtual size: 42KB

.rsrc Size: 39KB - Virtual size: 40KB

.text
Size: 199KB - Virtual size: 199KB

.data
Size: 42KB - Virtual size: 42KB

.rsrc
Size: 39KB - Virtual size: 40KB