1573020532f838be32c368468553aecd

Sharing

Copy URL Twitter E-mail

General

Target

1573020532f838be32c368468553aecd
Size

453KB
MD5

1573020532f838be32c368468553aecd
SHA1

677d52182fe5156c5a3f32f7350ea6250545162c
SHA256

35223d681382f05e541d20605fc7038d0d2815359ad6c45d77fe6465fd09907f
SHA512

29cb245bdd2248424b5d8b8057fed0553d18c9e4430d4d4561eebec18eac8c72c4f99623ba55c7cbdb070dabe0dc682834dd5e345604a586428d9cea31de150b
SSDEEP

12288:nMMnMMMMMm8Kd+OOTEKkKfIJZ32rCohWE5cVIhAjW8d88:nMMnMMMMMm8KtOjfQKW8l8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1573020532f838be32c368468553aecd

Files

1573020532f838be32c368468553aecd
.exe windows:4 windows x86 arch:x86

e23d59e146099035cd286073d3740cb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCatBuffA
StrCpyNW
wnsprintfA
StrCatBuffW

kernel32

GetCurrentProcessId
GetCurrentThreadId
EnterCriticalSection
SetProcessWorkingSetSize
GetProcAddress
GetLastError
WinExec
GetSystemTimeAsFileTime
GetCommandLineA
Sleep
HeapFree
GetCurrentProcess
InitializeCriticalSection
FileTimeToSystemTime
lstrlenW
TerminateProcess
GetDateFormatA
lstrlenA
SetUnhandledExceptionFilter
DeleteCriticalSection
HeapAlloc
lstrcmpiA
VirtualAlloc
GetTickCount
QueryPerformanceCounter
UnhandledExceptionFilter
CompareFileTime
HeapReAlloc

samlib

SamRemoveMultipleMembersFromAlias

crypt32

CryptEnumOIDInfo

shell32

ShellExecuteA

ntdll

RtlUnwind

wintrust

WTHelperGetProvSignerFromChain
WinVerifyTrust
WintrustAddActionID
WTHelperGetProvCertFromChain
WTHelperCertIsSelfSigned
WintrustRemoveActionID

user32

LoadStringA
SendMessageA
LoadCursorA
GetWindowRect
EnableWindow
GetDlgItemTextA
GetWindowLongA
DialogBoxIndirectParamW
EndDialog
SendDlgItemMessageA
SendMessageW
ShowWindow
DialogBoxParamW
SetFocus
MessageBeep
WinHelpA
GetSysColor
ReleaseDC
SetWindowLongA
DialogBoxIndirectParamA
SetDlgItemTextA
GetDC
CreateWindowExW
CallMsgFilterA
LoadBitmapA
GetParent
LoadImageA
DialogBoxParamA
SetCursor

gdi32

GetTextMetricsA
GetTextMetricsW
SelectObject
GetTextExtentPointA
GetTextExtentPointW
DeleteObject

Sections

.text
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 393KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e23d59e146099035cd286073d3740cb7

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

samlib

crypt32

shell32

ntdll

wintrust

user32

gdi32

Sections

.text Size: 1024B - Virtual size: 968B

.reloc Size: 512B - Virtual size: 28B

.rsrc Size: 393KB - Virtual size: 392KB

.data Size: 42KB - Virtual size: 936KB

.idata Size: 2KB - Virtual size: 2KB

.rdata Size: 13KB - Virtual size: 12KB

.text
Size: 1024B - Virtual size: 968B

.reloc
Size: 512B - Virtual size: 28B

.rsrc
Size: 393KB - Virtual size: 392KB

.data
Size: 42KB - Virtual size: 936KB

.idata
Size: 2KB - Virtual size: 2KB

.rdata
Size: 13KB - Virtual size: 12KB