13590badcf66a7da2acb4b174399c22e

Sharing

Copy URL Twitter E-mail

General

Target

13590badcf66a7da2acb4b174399c22e
Size

165KB
MD5

13590badcf66a7da2acb4b174399c22e
SHA1

764d2bea7ac7dd6ddb4870e58ce075610d8f3b2a
SHA256

0ae48e02a8babfabbda9c16ee106b68c94816d8fc0aed07e645b460581e45a17
SHA512

6951728b02d0392ee9977cf9f0ce596a6a65fb65d18c5af9df7348bb8afc2d79c82baf3dd264c0c1e39ac1e08cb177c891a588d5b318b0ec96aae76964c9f085
SSDEEP

3072:yhu2jeMs/68h3MfeJU7r6CTyHrAq1yxzfD:yQ27b8+f17r5Y9Yxz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13590badcf66a7da2acb4b174399c22e

Files

13590badcf66a7da2acb4b174399c22e
.exe windows:4 windows x86 arch:x86

38985061a38a56ab6795d585b8db5063

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

winmm

mciSendCommandA
sndPlaySoundA

advapi32

RegOpenKeyA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

gdi32

DeleteMetaFile
SetBkMode
TextOutA
DeleteObject
CreateRectRgn
GetTextExtentPoint32A
CreateFontIndirectA
BitBlt
SelectObject
RestoreDC
GetObjectA
GetDeviceCaps
EnumFontFamiliesExA
CreateSolidBrush
SetTextColor
SaveDC
CreateCompatibleDC
DeleteDC
GetStockObject
Rectangle
CreateCompatibleBitmap

user32

SetWindowPos
IsWindow
GetSysColor
GetWindowLongA
GetDlgItem
MoveWindow
ReleaseCapture
GetWindowInfo
LoadCursorA
FillRect
SetWindowLongA
ReleaseDC
SetCursor
GetDC
SetCapture

kernel32

GetCalendarInfoW
GetSystemTimeAsFileTime
TerminateProcess
Sleep
GetSystemTime
WriteFile
CreateFileW
HeapFree
GetThreadLocale
GetACP
CloseHandle
LoadLibraryExW
SystemTimeToFileTime
UnhandledExceptionFilter
LocalAlloc
RaiseException
LoadLibraryW
lstrlenA
GetLocaleInfoA
EnumResourceNamesA
InterlockedExchange
GetStdHandle
lstrlenW
GetCurrentProcess
InterlockedCompareExchange
HeapAlloc
GetCurrentThreadId
MultiByteToWideChar
GetProcessHeap
GetEnvironmentVariableA
FindFirstFileW
GetModuleHandleA
GetTickCount
GetStartupInfoA
WideCharToMultiByte
CreateProcessA
SetUnhandledExceptionFilter
HeapSize
GetCurrentProcessId
IsDebuggerPresent
HeapReAlloc
HeapDestroy
QueryPerformanceCounter
lstrcpynW

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38985061a38a56ab6795d585b8db5063

Headers

File Characteristics

Imports

ole32

winmm

advapi32

shell32

gdi32

user32

kernel32

version

oleacc

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 67KB - Virtual size: 67KB

.rsrc Size: 1024B - Virtual size: 100KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 67KB - Virtual size: 67KB

.rsrc
Size: 1024B - Virtual size: 100KB