196a34f3fc7e33269fa1d13a6174eeac

Sharing

Copy URL Twitter E-mail

General

Target

196a34f3fc7e33269fa1d13a6174eeac
Size

451KB
MD5

196a34f3fc7e33269fa1d13a6174eeac
SHA1

d3a45e4914a71085929dd4dbf59e3aab7a305e80
SHA256

d7e0bd6834b4c7cbb19669e04d8037463ce0e57b8c4ff8bdf1fd3e412390ced4
SHA512

660abf439fe43e7c95176c2c3f27724bdd83d1b8c07a9a7329b33415cd602ebe8bb49b34ea0cb33c4b5878390cbe97eef86eaccccd6b34d0b68c253ae2f7acf2
SSDEEP

12288:pdD75z/pf4BU9GO9a5HyC1VmC6345p1x75avI:fZD9a5HyR3ypfQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
196a34f3fc7e33269fa1d13a6174eeac

Files

196a34f3fc7e33269fa1d13a6174eeac
.exe windows:4 windows x86 arch:x86

edc0e0bda12afe9ad634577d8bb95da7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
GetFileType
ReadConsoleOutputCharacterW
GetLongPathNameW
GetACP
GetExitCodeProcess
HeapAlloc
TlsSetValue
LeaveCriticalSection
HeapCreate
SetHandleCount
GetVersionExW
ReadFileEx
GetCalendarInfoW
IsValidLocale
LCMapStringW
WideCharToMultiByte
GetCurrentThread
GetDateFormatA
UnlockFileEx
IsBadWritePtr
GetNumberFormatA
GetEnvironmentStrings
CompareStringA
GlobalFlags
GetLocaleInfoW
SetEnvironmentVariableA
GetCommandLineA
GetProcAddress
lstrcpynW
GetCPInfo
TlsFree
GetCompressedFileSizeA
GetPrivateProfileIntW
LCMapStringA
GetOEMCP
VirtualQuery
GetVersionExA
TlsAlloc
HeapSize
GetThreadPriority
GetStdHandle
MultiByteToWideChar
FreeEnvironmentStringsW
HeapReAlloc
GetUserDefaultLCID
ExitProcess
SetSystemTime
GetCurrencyFormatW
VirtualAlloc
TlsGetValue
QueryPerformanceCounter
GetCurrentProcess
GetSystemInfo
GetModuleHandleA
EnterCriticalSection
GetStringTypeA
GetStringTypeW
GetCurrentThreadId
InitializeCriticalSection
VirtualFree
GetFileAttributesExW
EnumSystemLocalesA
GetCurrentProcessId
WriteFile
GetTimeFormatA
SetConsoleCursorInfo
OutputDebugStringW
GetTickCount
GetLocaleInfoA
SetConsoleMode
DeleteCriticalSection
IsValidCodePage
HeapDestroy
RtlUnwind
CompareStringW
GetSystemTimeAsFileTime
InterlockedExchange
GetTimeZoneInformation
MapViewOfFile
WriteProfileStringA
FreeEnvironmentStringsA
VirtualProtect
GetLastError
GetStartupInfoA
HeapFree
TerminateProcess
LoadLibraryA
GetPriorityClass
SetLastError
UnhandledExceptionFilter
GetEnvironmentStringsW
GetModuleFileNameA

comdlg32

FindTextW
ChooseFontW
LoadAlterBitmap
ReplaceTextW
GetOpenFileNameW
ChooseFontA
GetSaveFileNameW
FindTextA
GetSaveFileNameA
PageSetupDlgA
GetOpenFileNameA
ReplaceTextA

shell32

ShellAboutW
SHBrowseForFolder
ExtractAssociatedIconExW
SHGetFileInfoW
SHFreeNameMappings
SHFileOperationW
RealShellExecuteExW
ShellAboutA
SHQueryRecycleBinW
SHGetMalloc
FindExecutableA
SHGetDataFromIDListW
DragQueryFileW
SHGetSpecialFolderPathA

user32

GetParent
IsCharLowerW
SetActiveWindow
GetMonitorInfoW
DefWindowProcA
EnumPropsExA
GetPropA
SetUserObjectInformationW
EnumDisplaySettingsW
TranslateAccelerator
OemToCharA

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edc0e0bda12afe9ad634577d8bb95da7

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

user32

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 279KB - Virtual size: 298KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 279KB - Virtual size: 298KB

.rsrc
Size: 11KB - Virtual size: 10KB