139277bc667211fd41eba6a18cb1dd50

Sharing

Copy URL

Twitter E-mail

General

Target

139277bc667211fd41eba6a18cb1dd50
Size

32KB
MD5

139277bc667211fd41eba6a18cb1dd50
SHA1

3bdb217177a33bad90a7d7e691f7aedc68e7f6e8
SHA256

e93d1bf5eed4b7023acdefa7465cf7261f258cb9688c2f03fe29d47881b80c8d
SHA512

74bd65543adaa9edf2369d91a45a659662307ab96a6b91fa2eac26729fad6c0313a040133efa0a73843d94ba7ca13c0f352286ee5717dcb36d5dbbd24844868b
SSDEEP

768:4tMZNK0UUYhapp1xtRS3ON7r0CXoF/yKJ:4tuUUYhaD1geFr0I3KJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
139277bc667211fd41eba6a18cb1dd50

Files

139277bc667211fd41eba6a18cb1dd50
.exe windows:5 windows x86 arch:x86

ee6040600f8bdb0efafacc7d0c9ab7c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileInformationByHandle
VirtualAllocEx
GlobalDeleteAtom
EnumSystemLocalesA
GetProcessId
DuplicateHandle
GlobalDeleteAtom
MultiByteToWideChar
SetConsoleInputExeNameA
GetEnvironmentStringsA
EnumSystemCodePagesA
FindFirstVolumeMountPointA
lstrlenA
WaitForMultipleObjectsEx
OpenEventA
GetFullPathNameA
WriteConsoleA
LockFileEx
GetModuleHandleA
GetFileType
OpenJobObjectA
GetConsoleKeyboardLayoutNameA
SystemTimeToFileTime
LZSeek
SetThreadPriority
IsBadStringPtrA
Module32First
SetLocalPrimaryComputerNameA
GetConsoleSelectionInfo
CreateFileMappingA
GetPrivateProfileStructA
GlobalUnWire
GetTickCount
GetProcessTimes
SetConsoleCursorInfo
EnumResourceLanguagesA
ClearCommError
GetThreadLocale
GetVersionExA
SetSystemTimeAdjustment
PulseEvent
GetConsoleSelectionInfo
ResetWriteWatch
GetCPInfo
RemoveDirectoryA
GetFileTime
IsBadCodePtr
UpdateResourceA
GetComputerNameA
lstrcmpA
GetThreadLocale
MapUserPhysicalPagesScatter
CreateNamedPipeA
SetTimerQueueTimer
GetLastError
FindClose
GetSystemDirectoryA
GetSystemWindowsDirectoryA
EnumResourceLanguagesA
GetSystemDirectoryA
SetupComm
SetDefaultCommConfigA
GlobalMemoryStatusEx
WriteFile
LocalUnlock
CloseHandle
SetConsoleFont

user32

RegisterRawInputDevices
SetMenuItemBitmaps
MapVirtualKeyExA
IsRectEmpty
GetUserObjectSecurity
GetForegroundWindow
CreateIconFromResource
OemToCharBuffA
IsDialogMessageA
OemKeyScan
GetLastInputInfo
MoveWindow
GetReasonTitleFromReasonCode
SetDebugErrorLevel
GetDlgItem
GetTabbedTextExtentA
GetRawInputDeviceList
TranslateAcceleratorA
SetMessageExtraInfo
TrackMouseEvent
EnableMenuItem
CheckRadioButton
GetLastActivePopup
GetWindowTextA
DestroyIcon
FreeDDElParam
CalcMenuBar
GetAncestor
UnionRect
InternalGetWindowText
CreateIconIndirect
GetScrollPos
DefFrameProcA
GetWindowContextHelpId
GetRawInputData
ModifyMenuA
CheckRadioButton

version

GetFileVersionInfoA

comdlg32

GetFileTitleA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee6040600f8bdb0efafacc7d0c9ab7c4

Headers

File Characteristics

Imports

kernel32

user32

version

comdlg32

Sections

.text Size: 25KB - Virtual size: 25KB

.idata Size: 3KB - Virtual size: 31KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 25KB - Virtual size: 25KB

.idata
Size: 3KB - Virtual size: 31KB

.rsrc
Size: 2KB - Virtual size: 2KB