21151cf8003df1a83dcacf84ef24e2a2

Sharing

Copy URL

Twitter E-mail

General

Target

21151cf8003df1a83dcacf84ef24e2a2
Size

320KB
MD5

21151cf8003df1a83dcacf84ef24e2a2
SHA1

d45b2b3af2265c06696a7f69538765265b1bd97d
SHA256

ddabf47f4375d9b52d40ed25655e77079181c4f70d9623bab2f39f5ec44a0ea3
SHA512

d3aaa80c9804bfe23e075f115284db45feebbd4086851eb75a04f7eb3029573d255826119e4c2fed657b1c48ff8ec398937eb88adfbc9ec308e3f4880792c129
SSDEEP

6144:XbB8IHeMQjhIWPrjAlZbXJsPAzCi7/isD:XthHeMQjZPrgZbWCCi7V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21151cf8003df1a83dcacf84ef24e2a2

Files

21151cf8003df1a83dcacf84ef24e2a2
.exe windows:4 windows x86 arch:x86

72c63112e4e4f74bf3fbaf935205191c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
SetPriorityClass
CopyFileA
MultiByteToWideChar
GetTempFileNameA
GetTempPathA
DeleteFileA
FindResourceA
LoadResource
LockResource
FreeResource
GetTickCount
GlobalLock
GlobalUnlock
CreateDirectoryA
GetFileAttributesA
GetStartupInfoA
GetModuleFileNameA
OpenFileMappingA
CloseHandle
CreateFileMappingA
GetLastError
MapViewOfFile
UnmapViewOfFile
GlobalAlloc
LocalAlloc
LocalLock
LocalUnlock
LocalFree
SizeofResource
GlobalReAlloc
WritePrivateProfileStringA
GetPrivateProfileStringA
WinExec
GetCurrentProcess
FlushFileBuffers
CreateFileA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
WriteFile
TerminateProcess
GetOEMCP
GetACP
GetCPInfo
GetFileType
GetStdHandle
SetStdHandle
LCMapStringA
SetFilePointer
ReadFile
SetHandleCount
GlobalFree
VirtualAlloc
VirtualFree
IsBadWritePtr
HeapDestroy
ExitProcess
HeapCreate
GetCommandLineA
GetModuleHandleA
GetVersion
HeapReAlloc
HeapAlloc
HeapFree
LCMapStringW
GetProcAddress
RtlUnwind
SetEndOfFile
LoadLibraryA

user32

GetClientRect
DialogBoxParamA
UnionRect
EqualRect
GetMessageA
EndDialog
MoveWindow
IntersectRect
GetWindowRect
GetCursorPos
SetRect
IsWindow
GetDC
ReleaseDC
InvalidateRect
DestroyCursor
SetTimer
KillTimer
MessageBoxA
GetDesktopWindow
LoadCursorA
SetCursor
PtInRect
GetAsyncKeyState
EndPaint
BeginPaint
CopyRect
SetDlgItemTextA
GetDlgItemTextA
GetTopWindow
GetWindow
GetClassNameA
SetWindowLongA
IsWindowVisible
GetWindowLongA
SendMessageA
GetUpdateRect
EnumWindows
LoadIconA
IsRectEmpty
UpdateWindow
TranslateMessage
DispatchMessageA
PostQuitMessage
SetClassWord
SetWindowTextA
SetForegroundWindow
TrackPopupMenu
DestroyMenu
LoadMenuA
GetSubMenu
DefWindowProcA
DestroyWindow
CreateWindowExA
RegisterClassA
OffsetRect
CheckMenuItem
SystemParametersInfoA
PostMessageA
SetWindowPos
FindWindowA
SetRectEmpty

gdi32

RealizePalette
DeleteObject
GetObjectA
DeleteDC
SetBkColor
BitBlt
SetMapMode
GetMapMode
CreateCompatibleBitmap
CreateBitmap
GetPixel
SelectObject
CreateCompatibleDC
GetDeviceCaps
GetStockObject
SetBkMode
CreatePalette
CreateDIBitmap
SelectClipRgn
SetRectRgn
CreateRectRgnIndirect
SelectPalette

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetPathFromIDListA
ShellExecuteA
SHGetSpecialFolderLocation

ole32

CoInitialize
CoUninitialize
CoCreateInstance

winmm

mciSendCommandA

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gda
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

72c63112e4e4f74bf3fbaf935205191c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

winmm

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 31KB

.rsrc Size: 184KB - Virtual size: 182KB

.gda Size: - Virtual size: 1B

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 31KB

.rsrc
Size: 184KB - Virtual size: 182KB

.gda
Size: - Virtual size: 1B