13f6ea782c71975a971ab871e175e1c2

Sharing

Copy URL Twitter E-mail

General

Target

13f6ea782c71975a971ab871e175e1c2
Size

82KB
MD5

13f6ea782c71975a971ab871e175e1c2
SHA1

93cd466a7a9735fc2a0d975c261801c047e0737f
SHA256

bd7346924ae1645daa5d945fc147890ad0f19e274570e303900e762ac716bab3
SHA512

6c5bbad7f8cdd24f76ba8e71a944c77dcc59bcb8a947b4eac0b58a409764bff4a9f9207487e5acf299844580544072ed2ebe3ce0a13974642a622ff25f874fe6
SSDEEP

1536:IxZomvSE1ym/xBHzQYgA4LF6DD3nddOC0CNeHCv4QY8ghq:qmNSv/rlmF6DjOvse4iq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13f6ea782c71975a971ab871e175e1c2

Files

13f6ea782c71975a971ab871e175e1c2
.exe windows:5 windows x86 arch:x86

a64a2fd03f05a6ca0da749d20568aeea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetSysColor
GetMessageA
GetScrollPos
GetSysColorBrush
GetSubMenu
EnumWindows
SetWindowPos
EnableMenuItem
FrameRect
PostQuitMessage
SetWindowTextA
UnhookWindowsHookEx
EqualRect

kernel32

GetTimeZoneInformation
SetUnhandledExceptionFilter
GetSystemTime
GetStartupInfoA
RtlUnwind
GetFileAttributesA
GetACP
GetTempPathA
FileTimeToSystemTime
InterlockedExchange
GetCurrentProcessId
VirtualAllocEx
GetThreadLocale
ExitProcess

gdi32

CreateCompatibleBitmap
CopyEnhMetaFileA
SelectClipPath
CreateICW
SetViewportExtEx
ExcludeClipRect
GetMapMode
FillRgn
DPtoLP

ole32

CoTaskMemRealloc
CoInitializeSecurity
StgOpenStorage
CoRevokeClassObject
CoInitialize
DoDragDrop
OleRun
StringFromGUID2
CoCreateInstance

advapi32

RegCreateKeyA
AdjustTokenPrivileges
FreeSid
GetUserNameA
CheckTokenMembership
GetSecurityDescriptorDacl
RegQueryValueExW
CryptHashData
RegCreateKeyExW
QueryServiceStatus

msvcrt

_flsbuf
_mbscmp
iswspace
raise
puts
_fdopen
__setusermatherr
fprintf
strncpy
signal
_CIpow
__getmainargs
_strdup
strlen
_lock
fflush
strcspn
__initenv

comctl32

ImageList_GetIcon
ImageList_GetBkColor
InitCommonControls
ImageList_Destroy
CreatePropertySheetPageA
ImageList_SetIconSize
ImageList_DragEnter
ImageList_Write
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_DrawEx

shell32

DoEnvironmentSubstW
SHGetPathFromIDList
ExtractIconExW
DragQueryFileA
DragAcceptFiles
ShellExecuteEx
DragQueryFileW
SHBrowseForFolderA
CommandLineToArgvW
ShellExecuteW
ExtractIconW

oleaut32

SafeArrayRedim
SafeArrayUnaccessData
SafeArrayPutElement
VariantCopy
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysReAllocStringLen
SafeArrayCreate

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a64a2fd03f05a6ca0da749d20568aeea

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 41KB - Virtual size: 41KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 8KB - Virtual size: 8KB