19fc6363596962dabd7f92eda34f173e

Sharing

Copy URL Twitter E-mail

General

Target

19fc6363596962dabd7f92eda34f173e
Size

53KB
MD5

19fc6363596962dabd7f92eda34f173e
SHA1

f5f001f4d5835ad1470e60fef5b8388abe739238
SHA256

bc12234e28e0a7d9846eb89701b18753366190a90a4e913423e22d2a90429895
SHA512

0462d572cf8acc8c1b95ef98b6ff358a32c8615d5c3484aae36cc1d9b909f22d0090efb5863138fbb345b2fd3ea1ba1ea18cc00cec1f7f987008ea937d08a1f2
SSDEEP

1536:1M/Us0+vXnZ+vnVG0cvAldpcvMrguDCMQqNMmksDIF:10Ush/nZAnM0csUigmCaNJkQIF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19fc6363596962dabd7f92eda34f173e

Files

19fc6363596962dabd7f92eda34f173e
.exe windows:5 windows x86 arch:x86

6c02e958023b0c240aaef834a5560e5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawIcon
FindWindowExW
GetKeyState
GetClassNameW
GetClipboardData
DispatchMessageW
CloseDesktop
GetWindowTextW
SetProcessWindowStation
ExitWindowsEx
EndDialog
GetForegroundWindow
GetDlgItemTextW
GetMessageA
OpenWindowStationA
GetDlgItemTextA
SendMessageW
GetWindowThreadProcessId
MsgWaitForMultipleObjects
LoadCursorW
GetIconInfo
PeekMessageW
PeekMessageA
GetWindowLongW
GetKeyboardState
SetThreadDesktop
GetMessageW
ToUnicode
OpenDesktopA
GetCursorPos
CloseWindowStation
CharLowerBuffA
GetDlgItem

kernel32

GetTempPathW
GetCurrentThreadId
SetThreadPriority
DeleteFileW
FindResourceW
ReadFile
SetEvent
GetCurrentProcessId
GetSystemTimeAsFileTime
GetExitCodeProcess
GetSystemTime
WideCharToMultiByte
OpenProcess
CopyFileW
CreateMutexW
LeaveCriticalSection
FindFirstFileW
GetLastError
GetVersionExW
CreateFileW
ResetEvent
CreateFileMappingW
DisconnectNamedPipe
ReleaseMutex
GlobalLock
EnterCriticalSection
GetLocalTime
SetFilePointer
lstrcmpiW
GetModuleHandleA
WaitForSingleObject
GetThreadPriority
MoveFileExW
GetTimeZoneInformation
MapViewOfFile
GetProcessHeap
ExpandEnvironmentStringsW
GetUserDefaultUILanguage
lstrcpyA
GetTickCount
lstrcpyW
lstrcpynW
SetLastError
FindClose
WriteFile
GetFileSizeEx
GetComputerNameW
lstrlenA
GlobalUnlock
GetModuleFileNameA
CreateDirectoryW
GetLogicalDrives
GetDriveTypeW
HeapFree
GetFileSize
lstrlenW
MultiByteToWideChar

Sections

.yzuf
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jyt
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.topaj
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lkpar
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c02e958023b0c240aaef834a5560e5c

Headers

File Characteristics

Imports

user32

kernel32

Sections

.yzuf Size: 18KB - Virtual size: 39KB

.jyt Size: 5KB - Virtual size: 10KB

.topaj Size: 1024B - Virtual size: 1KB

.lkpar Size: 26KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.yzuf
Size: 18KB - Virtual size: 39KB

.jyt
Size: 5KB - Virtual size: 10KB

.topaj
Size: 1024B - Virtual size: 1KB

.lkpar
Size: 26KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB