13e52080ba30ad2280b87f71850b69ad

Sharing

Copy URL Twitter E-mail

General

Target

13e52080ba30ad2280b87f71850b69ad
Size

184KB
MD5

13e52080ba30ad2280b87f71850b69ad
SHA1

87b2f73e89d0f10e7bd1efc6430ca401c0764010
SHA256

e9c28c0f960111a79c8c46df041342ebf89882fd1416b11f2cf98964c0155736
SHA512

70723eff922d87ecc3a515701e7723093480cd422173c9162d17b3ff4fe1dc08e92c686a1ded33dee0c6d908a3b30b9e4321958a6ffa7f9a4d4c564dc83fe39a
SSDEEP

3072:EvdvfZNetsWJeH+ivpkz88fx2DNgCvLPL8caMBIeVLE1SNGlGmCiep1KZ/kGUE3m:CTIeeekzlxuNgC/HfclL44/kG+8S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13e52080ba30ad2280b87f71850b69ad

Files

13e52080ba30ad2280b87f71850b69ad
.exe windows:4 windows x86 arch:x86

90c3639ee2c0e8a642048d4c8778800f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

ole32

CoUninitialize
CoCreateInstance
CoCreateGuid
StringFromGUID2
CoInitialize
CoSetProxyBlanket

kernel32

QueryPerformanceCounter
InterlockedDecrement
WriteConsoleW
GetThreadPriority
HeapDestroy
GetCurrentThreadId
GetModuleHandleA
MultiByteToWideChar
TerminateProcess
GetCommandLineA
GetCPInfo
GetConsoleCP
RaiseException
GetUserDefaultLCID
GetFullPathNameW
GetProcAddress
InterlockedIncrement
EnterCriticalSection
GetStringTypeA
SetCommTimeouts
FlushFileBuffers
GetCurrentProcess
CreateFileA
HeapCreate
GetACP
SetHandleCount
GetVersionExA
GetStringTypeW
GetStdHandle
GetConsoleMode
WriteConsoleA
GetLocaleInfoW
GlobalAlloc
GetConsoleOutputCP
FreeEnvironmentStringsW
EnumResourceNamesA
IsValidLocale
HeapAlloc
LCMapStringA
GetCurrentDirectoryW
LCMapStringW
DeleteCriticalSection
GetCurrentProcessId
GetFileType
IsDebuggerPresent
GetModuleFileNameW
ReadFile
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentStrings
EnumSystemLocalesA
SetEndOfFile
FreeEnvironmentStringsA
HeapFree
UnhandledExceptionFilter
GetEnvironmentStringsW
RtlUnwind
Sleep
CloseHandle
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
TlsSetValue
IsValidCodePage
ExitProcess
LoadLibraryA
GetTickCount
TlsAlloc
WideCharToMultiByte
ExitProcess
WriteFile
VirtualAlloc
HeapReAlloc
GetLocaleInfoA
VirtualFree
TlsGetValue
SetStdHandle
TlsFree
GetLastError
LeaveCriticalSection
InitializeCriticalSection
SetLastError
GetProcessHeap
SetFilePointer
GetOEMCP
HeapSize
GetFullPathNameA

user32

GetClassLongA
MessageBoxW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90c3639ee2c0e8a642048d4c8778800f

Headers

File Characteristics

Imports

shlwapi

shell32

rpcrt4

ole32

kernel32

user32

advapi32

Sections

.text Size: 159KB - Virtual size: 159KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 20KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 159KB - Virtual size: 159KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 20KB

.crt
Size: 512B - Virtual size: 216KB