19d0b5922011574650b8352814f4a7ec

Sharing

Copy URL

Twitter E-mail

General

Target

19d0b5922011574650b8352814f4a7ec
Size

354KB
MD5

19d0b5922011574650b8352814f4a7ec
SHA1

1d40661f51e5ae0347a0835a2b239de41d4392f0
SHA256

f3308df945054ddab30c1a680b15bba0595b40f41ef207200cbecbd814bcd57c
SHA512

6fb5189fec1b0eb62b5c3dd6b2077e04efbe5055b857ee70187cd18adc161d18876ccd1ff289d2224690eac666a4a58c10bfac22a505f2f102975e4708c47efa
SSDEEP

6144:abNqVKYPxLXPxoskLH7/7iJsjoMy4EpznN+uLT9:abIVKgxbkLbTvjoMJEp7guL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19d0b5922011574650b8352814f4a7ec

Files

19d0b5922011574650b8352814f4a7ec
.exe windows:4 windows x86 arch:x86

5503d7b3892ab7246d904f4ab0039dc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgW
ChooseFontA
GetFileTitleW
GetFileTitleA

advapi32

RegQueryInfoKeyW
CryptDestroyHash

kernel32

WideCharToMultiByte
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStringTypeW
GetEnvironmentStrings
WriteConsoleA
CreateMutexA
VirtualFree
SetEnvironmentVariableA
IsDebuggerPresent
SetConsoleCtrlHandler
RtlUnwind
HeapAlloc
GetStdHandle
GetTimeZoneInformation
GetEnvironmentStringsA
DeleteCriticalSection
GetACP
IsValidLocale
HeapCreate
LoadLibraryA
GetMailslotInfo
SetLastError
GetCommandLineA
OpenMutexA
ReadFile
ReadConsoleOutputAttribute
GetModuleFileNameA
CreateFileA
TerminateProcess
WriteFile
GetCurrentThreadId
GetLastError
FreeEnvironmentStringsW
ExitProcess
CloseHandle
FreeResource
GetConsoleMode
CompareStringA
GetCurrentProcess
GetLocaleInfoW
FreeLibrary
EnterCriticalSection
GetOEMCP
GetCPInfo
GetConsoleCP
VirtualAlloc
UnhandledExceptionFilter
Sleep
WriteConsoleW
SetUnhandledExceptionFilter
GetVersionExA
IsValidCodePage
HeapSize
HeapDestroy
FlushFileBuffers
FreeEnvironmentStringsA
GetStartupInfoA
TlsAlloc
TlsGetValue
CompareStringW
HeapReAlloc
LeaveCriticalSection
GetCurrentProcessId
EnumSystemLocalesA
GetConsoleOutputCP
InterlockedIncrement
EnumTimeFormatsA
GetEnvironmentStringsW
GetCurrentThread
VirtualQuery
LCMapStringA
SetCriticalSectionSpinCount
GetCurrencyFormatW
GetModuleHandleA
HeapFree
LCMapStringW
GetTimeFormatA
GetProcessHeap
GetDateFormatA
InterlockedDecrement
MultiByteToWideChar
CreateWaitableTimerW
TlsSetValue
GetLocaleInfoA
SetFilePointer
InitializeCriticalSection
GetFileType
SetStdHandle
SetHandleCount
TlsFree
GetUserDefaultLCID
GetProcAddress
GetStringTypeA
GetTickCount
InterlockedExchange
OpenFileMappingA

user32

GetMenuDefaultItem
RegisterClassExA
GetFocus
AdjustWindowRect
InvalidateRect
RegisterClassA
DdeInitializeA
AppendMenuW
LoadCursorFromFileA

shell32

ShellExecuteExW

comctl32

InitCommonControlsEx

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5503d7b3892ab7246d904f4ab0039dc6

Headers

File Characteristics

Imports

comdlg32

advapi32

kernel32

user32

shell32

comctl32

Sections

.text Size: 233KB - Virtual size: 232KB

.rdata Size: 18KB - Virtual size: 38KB

.data Size: 93KB - Virtual size: 92KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 233KB - Virtual size: 232KB

.rdata
Size: 18KB - Virtual size: 38KB

.data
Size: 93KB - Virtual size: 92KB

.rsrc
Size: 9KB - Virtual size: 9KB