1941342917781e9e970b94c441c7575a

Sharing

Copy URL

Twitter E-mail

General

Target

1941342917781e9e970b94c441c7575a
Size

443KB
MD5

1941342917781e9e970b94c441c7575a
SHA1

07c2a13fb452263ea78898de10e1b884e860e827
SHA256

594488386b62b6cf882cc534ee79140065a4f8927f810e16dfa47b7de376b4c4
SHA512

20329c9e47e5278a329828ea99ad6cfa92cb943a36d41556f7f7f8442ffbb6e408f0bf7a2c81d21c9c038306fa5ff8d2e5fc3db62ff6202fc171bf3fd03955bc
SSDEEP

6144:caHy2N0YhcqBwegcA8CPhApIA1tCVvKCmkxh4+V99SAgIptP+NS+p0vWoldtjzRI:h0YPxbQxrv0kDV99CwmNSE0vWuXRSr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1941342917781e9e970b94c441c7575a

Files

1941342917781e9e970b94c441c7575a
.exe windows:4 windows x86 arch:x86

08c6ac19146893f78c6fc82229ba28fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
CompareStringW
LCMapStringA
GetTimeZoneInformation
RtlUnwind
GetTimeFormatA
GetNumberFormatW
GetCurrentProcess
GetProcessHeap
VirtualAlloc
SetConsoleCtrlHandler
IsValidCodePage
HeapReAlloc
GetLastError
GlobalFix
GetFileType
FreeLibrary
LeaveCriticalSection
GetModuleFileNameA
GetCPInfo
GetStringTypeW
ExitProcess
GetDateFormatA
GetStringTypeA
HeapCreate
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStartupInfoA
FreeEnvironmentStringsW
InitializeCriticalSection
QueryPerformanceCounter
VirtualFree
SetUnhandledExceptionFilter
WriteConsoleOutputCharacterW
SetLastError
TlsGetValue
FreeEnvironmentStringsA
HeapAlloc
GetLocaleInfoW
HeapFree
GetEnvironmentVariableW
SetEnvironmentVariableA
GetCurrentProcessId
ReleaseMutex
GetUserDefaultLCID
GetStdHandle
TlsAlloc
HeapSize
EnumSystemLocalesA
GetEnvironmentStrings
GetVersionExA
GetACP
IsDebuggerPresent
Sleep
EnterCriticalSection
LocalReAlloc
GetModuleHandleA
UnhandledExceptionFilter
WriteFile
OpenSemaphoreW
MultiByteToWideChar
SetHandleCount
FormatMessageW
GetNamedPipeInfo
DeleteCriticalSection
HeapDestroy
GetProcAddress
GetEnvironmentStringsW
GetLocaleInfoA
CompareStringA
IsValidLocale
InterlockedExchange
InterlockedDecrement
WideCharToMultiByte
GetOEMCP
VirtualQuery
TlsSetValue
TlsFree
WriteProfileStringW
LCMapStringW
GetCurrentThreadId
InterlockedIncrement
GetVersion
TerminateProcess
GetCurrentThread

comdlg32

GetSaveFileNameW
GetFileTitleA
ReplaceTextA
PrintDlgW
GetSaveFileNameA
GetFileTitleW
GetOpenFileNameW
GetOpenFileNameA

gdi32

GetWindowOrgEx
GetMetaRgn
GetLayout
PolyBezier
GetObjectW
SwapBuffers
CopyMetaFileW
Ellipse
CreateDCA
ResetDCW
EnumObjects
CreateRoundRectRgn
WidenPath
GetCharABCWidthsA
StartPage
GetSystemPaletteUse
GdiPlayScript
GetNearestPaletteIndex
GetCurrentPositionEx
CombineTransform
CopyMetaFileA
SetMapMode
ExtCreatePen

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08c6ac19146893f78c6fc82229ba28fb

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

Sections

.text Size: 158KB - Virtual size: 157KB

.data Size: 275KB - Virtual size: 274KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 158KB - Virtual size: 157KB

.data
Size: 275KB - Virtual size: 274KB

.rsrc
Size: 9KB - Virtual size: 9KB