14020514437bcd0948b94af5c5be0539

Sharing

Copy URL

Twitter E-mail

General

Target

14020514437bcd0948b94af5c5be0539
Size

81KB
MD5

14020514437bcd0948b94af5c5be0539
SHA1

cdd4e2cda4cceb61b4fb24f8001b96c3ea867846
SHA256

26a9f7f666d3fc8f58c9fa7217caea85afaac8cd9c140494669fcdd2d3bf6293
SHA512

aac7f66f61e9401c0408123c54c58a9e8ed3e7db5c300a18ce793ced70da6eb7adfa35fe6e88e32530364f55ec0e10aaf94f9d1019cdbdf5697e41888879c0ab
SSDEEP

1536:PYI1lA8IC6QjV2kSUNLyJPXju5ahnDscNvCdj/up1TduJG23z8HJMZyY:ndIC6QjV2kjwlK5ahnD1NvCdjmZEz8H2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14020514437bcd0948b94af5c5be0539

Files

14020514437bcd0948b94af5c5be0539
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

a62c79759c3134a54f8e9abe11627c8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CreateMutexA
CreateThread
FindResourceA
FindNextFileW
CreateProcessA
FindNextFileA
GetACP
GetCurrentThread
FreeEnvironmentStringsW
FileTimeToLocalFileTime
FormatMessageA
GetConsoleMode
GetSystemTimeAsFileTime
GetLocaleInfoA
GetThreadLocale
GetNumberFormatA
GetCommandLineA
GetExitCodeThread
GetPriorityClass
GetDriveTypeW
IsDebuggerPresent
FindNextChangeNotification
LCMapStringA
FreeResource
lstrcpynA
LockResource
HeapSize
GetTempFileNameW
GetDiskFreeSpaceA
GlobalSize
GlobalAlloc
GetPrivateProfileStringA
GetProcessHeap
IsBadReadPtr
ReadFile
GlobalFindAtomA
GetModuleFileNameA
MapViewOfFile
WaitForSingleObject
SetConsoleCtrlHandler
SetThreadLocale
InterlockedIncrement
LocalAlloc
WritePrivateProfileStringA
MultiByteToWideChar
SetStdHandle
lstrcatA
WinExec
SetLastError
WriteConsoleW
lstrlenA
ReadProcessMemory
SetCurrentDirectoryW
TerminateThread
WritePrivateProfileStringW

crtdll

free
strlen
memcpy
_cexit

mpr

WNetOpenEnumA
WNetGetConnectionA
WNetEnumResourceA
WNetGetConnectionW

user32

ActivateKeyboardLayout
BeginDeferWindowPos
CharToOemA
CallNextHookEx
ChildWindowFromPoint
CharLowerA
CharLowerBuffA
DrawFrameControl
CallWindowProcA
DrawTextW
CopyRect
DeleteMenu
CreateCaret
DdeCreateStringHandleA
DrawMenuBar
EmptyClipboard
DrawTextA
GetDoubleClickTime
DialogBoxIndirectParamW
DrawIconEx
GetCapture
DialogBoxParamA
GetClipboardData
GetMessageA
GetDCEx
DrawEdge
DdeDisconnect
EndDeferWindowPos
GetClassLongA
GetClassInfoA
GetMenuItemInfoA
GetUpdateRect
GetMenu
GetParent
EnumWindows
GetKeyboardLayout
GetScrollPos
GetPropA
GetWindowThreadProcessId
LoadImageW
GetTopWindow
IntersectRect
GetSysColor
IsCharAlphaA
GetSystemMenu
GetSystemMetrics
GetScrollRange
InvalidateRgn
GetWindowTextA
GetIconInfo
InflateRect
IsRectEmpty
IsWindow
IsWindowEnabled
PostQuitMessage
LoadImageA
MessageBeep
ShowCursor
ScrollDC
SetForegroundWindow
MessageBoxW
GetWindowLongA
LoadBitmapA
PostMessageW
HideCaret
ReleaseDC
UpdateWindow
SetKeyboardState
SetDlgItemTextA
PeekMessageA
MessageBoxA
TranslateMessage
GetWindowTextLengthW
WaitMessage
ShowScrollBar
IsIconic
OemToCharA
SetCaretPos
SetWindowPlacement
SetFocus
LoadStringW
SetMenuItemBitmaps
ModifyMenuA
RemovePropA
SystemParametersInfoW
SetScrollPos
TrackPopupMenu
UnregisterHotKey

advapi32

AdjustTokenPrivileges
GetSidIdentifierAuthority
OpenProcessToken
AddAce

ole32

IsAccelerator
StringFromCLSID
IsEqualGUID
RevokeDragDrop

Sections

CODE
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a62c79759c3134a54f8e9abe11627c8c

Headers

File Characteristics

Imports

kernel32

crtdll

mpr

user32

advapi32

ole32

Sections

CODE Size: 3KB - Virtual size: 3KB

DATA Size: 72KB - Virtual size: 72KB

BSS Size: - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 4KB

CODE
Size: 3KB - Virtual size: 3KB

DATA
Size: 72KB - Virtual size: 72KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 4KB