2238dc1e8a4dd2479ff6e1162706e0b7

Sharing

Copy URL Twitter E-mail

General

Target

2238dc1e8a4dd2479ff6e1162706e0b7
Size

195KB
MD5

2238dc1e8a4dd2479ff6e1162706e0b7
SHA1

5aab6d741fa1b8f97603bdc286f216e5edf9989b
SHA256

14aa497561dc6d3e54d9fcede6d1323d4019982bed2ec4847c95210b853430b3
SHA512

42ec2590f1af451e14d2d71b00b7741fcabec36c1b6f9e3508ea28ddd4403950733269eb741c8ffc9b4a67d817490d895bf128c68d535a3640951c4253bad0e9
SSDEEP

3072:q0ni2D/L30sFgkDRO2afU8wK/EZEvTQFCHzLMCQ59uMG60eGQyz7:q0nfrL3NcfUjPZE73zgutVXH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2238dc1e8a4dd2479ff6e1162706e0b7

Files

2238dc1e8a4dd2479ff6e1162706e0b7
.exe windows:5 windows x86 arch:x86

9c28ea817d28dc784962db098939a91c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LoadLibraryA
SetThreadLocale
SetThreadUILanguage
SetEndOfFile
HeapReAlloc
HeapSize
WriteConsoleW
FlushFileBuffers
SetStdHandle
LoadLibraryW
CreateFileA
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GlobalAlloc
FreeEnvironmentStringsW
GetModuleFileNameA
LCMapStringW
RaiseException
GetLastError
DeleteCriticalSection
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
HeapCreate
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GlobalLock
GlobalUnlock
GlobalReAlloc
CreateFileW
CloseHandle
ReadFile
GetCommandLineA
Sleep
GetShortPathNameA
MultiByteToWideChar
CreateProcessA
WinExec
GetTempPathA
GetEnvironmentStringsW
CreateDirectoryA
GetProcAddress
GetProcessHeap
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
DecodePointer
TlsSetValue
TlsGetValue
TlsAlloc
SetFilePointer
GetVolumeInformationA
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
DeleteFileA
HeapAlloc
HeapFree
RtlUnwind
HeapSetInformation
GetStartupInfoW
GetCPInfo
InterlockedIncrement
InterlockedDecrement

user32

GetWindowTextA
PostMessageA
GetDC
ReleaseDC
GetClassInfoExA
LoadCursorA
RegisterClassExA
CreateWindowExA
EnableWindow
EndDialog
SetRect
DialogBoxParamA
SetPropA
GetPropA
SetWindowLongA
IsDlgButtonChecked
MoveWindow
EnumDisplaySettingsA
SetWindowRgn
CheckDlgButton
SetFocus
SetWindowTextA
InvalidateRect
ShowWindow
RedrawWindow
SetTimer
SetDlgItemTextA
SetWindowPos
GetCapture
ReleaseCapture
GetClientRect
PtInRect
SetCapture
PostQuitMessage
DestroyWindow
KillTimer
LoadBitmapA
SendMessageA
GetAsyncKeyState
GetWindowRect
GetCursorPos
GetDlgItem
EnumWindows
LoadStringA
MessageBoxA
LoadImageA

gdi32

GetObjectA
CreateDIBSection
BitBlt
ExtCreateRegion
CombineRgn
DeleteDC
SelectObject
SetBkColor
SetTextColor
SetBkMode
CreateSolidBrush
CreateFontA
DeleteObject
CreateCompatibleDC

shell32

SHBrowseForFolderA
SHGetFolderPathA
SHGetPathFromIDListA

ole32

CoInitialize
CoCreateInstance

shlwapi

SHDeleteValueA
SHSetValueA
SHGetValueA

comctl32

ord17

lz32

LZOpenFileA
LZRead
LZClose

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c28ea817d28dc784962db098939a91c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

shlwapi

comctl32

lz32

Sections

.text Size: 82KB - Virtual size: 81KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 170KB - Virtual size: 169KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 170KB - Virtual size: 169KB

.reloc
Size: 7KB - Virtual size: 7KB