13ed6d0ed145f2d927f6a33d4367f570

Sharing

Copy URL Twitter E-mail

General

Target

13ed6d0ed145f2d927f6a33d4367f570
Size

204KB
MD5

13ed6d0ed145f2d927f6a33d4367f570
SHA1

5c83fd781d8d036d25785d37949515440b45b4c7
SHA256

b759b0e5cfa6493d64826817fbff63170498243a90fffda85eb1a54124ff02bd
SHA512

5282c0086fa122901fd404471ad398b01b59c04e9569d0fd8c08b2e519f8f096513f2fbf335a68ee52bc4280e3f3ea907d7b8cf491f0fe7c6f9fb9cd8de52d78
SSDEEP

3072:Mzj3lAO7i1cHQK9TR5Vzpq4waV17h3F/filImN4xsXG7SmC+lSmB7:4DeuccHT9lV17Eos2WiB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13ed6d0ed145f2d927f6a33d4367f570

Files

13ed6d0ed145f2d927f6a33d4367f570
.exe windows:4 windows x86 arch:x86

2f29166146b99e602b9e6f57c4303857

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetContextToken
StgCreateDocfileOnILockBytes
StringFromIID
CoGetMalloc
CLSIDFromString
CoTaskMemFree
CoRevokeClassObject
CoUnmarshalInterface
MkParseDisplayName
CreateBindCtx
CoCreateGuid
CoGetObjectContext
CoGetContextToken
OleRegGetUserType
CoRevokeClassObject

kernel32

GetEnvironmentStrings
HeapAlloc
VirtualAlloc
ExitProcess
GetModuleHandleA
LoadLibraryA
GetModuleHandleW
lstrlenA
GetCommandLineA
GetACP
IsBadHugeReadPtr
GetProcAddress
LoadLibraryExA
ExitThread
GetLastError
GetOEMCP
IsBadReadPtr
GetEnvironmentStrings

version

VerInstallFileA
GetFileVersionInfoA
VerFindFileA
GetFileVersionInfoSizeA
VerFindFileA
VerInstallFileA

shell32

Shell_NotifyIconA
SHGetFolderPathA

comdlg32

GetOpenFileNameA
GetFileTitleA
GetOpenFileNameA

oleaut32

SysFreeString
SysStringLen
VariantChangeType
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayGetElement
RegisterTypeLib
SysAllocStringLen
VariantChangeType
RegisterTypeLib
VariantCopyInd
VariantChangeType
GetErrorInfo
SafeArrayGetUBound
OleLoadPicture
SysAllocStringLen
SysStringLen
SysReAllocStringLen
SysFreeString

msvcrt

memset
mbstowcs
malloc
calloc
wcschr
memmove
swprintf
_acmdln
asin
rand
wcscspn
sprintf
abs
sin
swprintf
wcstol
srand
memset
malloc
exp
tan
log10
strcmp
cos
strncmp
rand

user32

GetMenuState
GetWindow
GetMenuStringA
GetSysColor
GetScrollInfo
GetMenuItemInfoA
GetParent
GetSystemMenu
GetLastActivePopup
GetWindowLongA
GetKeyState
GetMenuItemID
GetMessagePos
GetSubMenu
GetKeyboardLayout
GetPropA
GetScrollRange
GetScrollPos
GetKeyNameTextA
GetWindowLongW
GetKeyboardLayoutNameA
GetMenu
GetKeyboardState
GetIconInfo
GetTopWindow
GetSysColorBrush
GetMenuItemCount
GetWindowDC
GetKeyboardType
GetKeyboardLayoutList
FindWindowA
GetSystemMenu

comctl32

ImageList_Add

gdi32

SetTextColor
SetPixel
GetObjectA

shlwapi

PathFileExistsA
SHSetValueA

advapi32

RegEnumKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA

Sections

CODE
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 839B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f29166146b99e602b9e6f57c4303857

Headers

File Characteristics

Imports

ole32

kernel32

version

shell32

comdlg32

oleaut32

msvcrt

user32

comctl32

gdi32

shlwapi

advapi32

Sections

CODE Size: 112KB - Virtual size: 109KB

.rdata Size: 4KB - Virtual size: 839B

.data Size: 4KB - Virtual size: 872B

DATA Size: 8KB - Virtual size: 6KB

.cdata Size: 8KB - Virtual size: 6KB

.hdata Size: 8KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 8KB

CODE
Size: 112KB - Virtual size: 109KB

.rdata
Size: 4KB - Virtual size: 839B

.data
Size: 4KB - Virtual size: 872B

DATA
Size: 8KB - Virtual size: 6KB

.cdata
Size: 8KB - Virtual size: 6KB

.hdata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 8KB