14f81f641f1ec62f547c0ba92de17633

Sharing

Copy URL

Twitter E-mail

General

Target

14f81f641f1ec62f547c0ba92de17633
Size

428KB
MD5

14f81f641f1ec62f547c0ba92de17633
SHA1

ef2aebf7124ddcd372eeb19403c9e0cb7ee9a22e
SHA256

72b89aea2726dff16dbfc2cf7af0a9771a4ffc78ec6eae27abf6a6568ea01e7d
SHA512

87f89e45fd748e21406cb9a16fb85a9c59b975ce1e97723cab5f7392ba558cb54d73d6c262d9e1c3760d89ff8fbf7bcb18ba47332617d3723fd5fb08a4f7ae52
SSDEEP

6144:lCVgD20/mifJonAfkbrbSD8gZI/c1irGCIDaAEnlXIH344k5ufbPQ0v2Wb6puaQV:LRSnNXnlXzyTxv2W8uas4d9T+CR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14f81f641f1ec62f547c0ba92de17633

Files

14f81f641f1ec62f547c0ba92de17633
.exe windows:4 windows x86 arch:x86

4853e4438e4a11494a0e2da5609947dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
GetLocaleInfoW
TryEnterCriticalSection
GetCalendarInfoA
GetCurrentThread
TerminateThread
HeapAlloc
UnhandledExceptionFilter
SetEnvironmentVariableA
IsDebuggerPresent
SetUnhandledExceptionFilter
ExpandEnvironmentStringsA
GetACP
FindFirstFileA
MultiByteToWideChar
SetConsoleCtrlHandler
GetEnvironmentVariableW
GetEnvironmentStringsW
GetFileType
GetNamedPipeInfo
LCMapStringW
DeleteCriticalSection
GetLocaleInfoA
EnterCriticalSection
InitializeCriticalSection
GetStartupInfoA
SetLastError
GetEnvironmentStrings
GetProcAddress
GetNamedPipeHandleStateA
GetDateFormatA
TlsGetValue
GetLogicalDrives
CompareStringW
CompareStringA
GetStdHandle
VirtualQuery
InterlockedIncrement
TlsFree
IsValidLocale
GetStringTypeW
GetTimeFormatA
SetHandleCount
GetCommandLineA
HeapReAlloc
InterlockedDecrement
ExitProcess
GlobalFlags
GetLastError
VirtualAlloc
TlsSetValue
QueryPerformanceCounter
GetCurrentProcess
HeapDestroy
GetModuleHandleA
FreeEnvironmentStringsW
GetUserDefaultLCID
HeapCreate
GetCurrentThreadId
LCMapStringA
WideCharToMultiByte
GetTimeZoneInformation
FreeLibrary
GetCurrentProcessId
GetModuleFileNameA
HeapSize
SystemTimeToTzSpecificLocalTime
EnumCalendarInfoA
GetTickCount
GetOEMCP
Sleep
FreeEnvironmentStringsA
LeaveCriticalSection
IsValidCodePage
RtlUnwind
EnumSystemLocalesA
GetSystemTimeAsFileTime
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetProfileIntW
CreatePipe
GetCPInfo
WriteFile
GetModuleHandleW
GetStringTypeA
HeapFree
TerminateProcess
LoadLibraryA
ReadConsoleOutputCharacterA
TlsAlloc
VirtualFree

comdlg32

GetFileTitleA
PageSetupDlgW
GetFileTitleW
GetSaveFileNameA
PrintDlgA
ReplaceTextA

shell32

SHFileOperationW
SHGetMalloc
SHGetFileInfo
DuplicateIcon
DragFinish
SheGetDirA
DragQueryFile
SheChangeDirA
SHGetSpecialFolderLocation
DragQueryFileA
SHGetFileInfoA
SheChangeDirExW
SHBrowseForFolderA
SHGetSpecialFolderPathW
SHLoadInProc

gdi32

GetEnhMetaFileBits
GetOutlineTextMetricsA
Escape
SetSystemPaletteUse
RealizePalette
CreateDIBSection
TranslateCharsetInfo
CreateRoundRectRgn
GetEnhMetaFileA
Ellipse
GetCurrentPositionEx
PlayEnhMetaFile
WidenPath
CreateFontIndirectW
EnumFontFamiliesExA
SetDIBits
MaskBlt

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4853e4438e4a11494a0e2da5609947dd

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

gdi32

Sections

.text Size: 147KB - Virtual size: 146KB

.data Size: 275KB - Virtual size: 297KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 147KB - Virtual size: 146KB

.data
Size: 275KB - Virtual size: 297KB

.rsrc
Size: 5KB - Virtual size: 5KB