21090c16f5fd83e932fa26a3ceec2158

Sharing

Copy URL Twitter E-mail

General

Target

21090c16f5fd83e932fa26a3ceec2158
Size

105KB
MD5

21090c16f5fd83e932fa26a3ceec2158
SHA1

0b0f5ecbe3b16aefba8b27eaa5a81ecf6a5ef232
SHA256

76fd93d7cdb12897ac5b510e0d2d442a59a8bccb319816fa58e3cca9e7e5e834
SHA512

039e8a56e683ec5c690d12c89cd88e3f8af21957ed03e9ec0f1be0b9031b6468edc26cd8360b92b8c1acde1e9165f1cf4675a1cd8c2ee4f3873ee758ea094c9d
SSDEEP

3072:Hd1T/n0gWsHQPQ0qQIssD6yvg974Jm+NG8o:D/0xPzsB2J4o3J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21090c16f5fd83e932fa26a3ceec2158

Files

21090c16f5fd83e932fa26a3ceec2158
.exe windows:4 windows x86 arch:x86

194cf073df1b66332ade1b9b671beca5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
lstrcatA
WideCharToMultiByte
GetStdHandle
lstrlenA
GetFileAttributesA
GetModuleFileNameA
GetLastError
GetFileSize
GetStringTypeA
GetCommandLineA
lstrcpynA
HeapFree
GetDateFormatA
GetLocalTime
GetFileType
Sleep
lstrcpyA
GlobalAlloc
lstrcmpA

user32

GetDlgItem
LoadMenuA
LoadCursorA
GetDC
DrawIcon
AlignRects
DialogBoxParamA
DrawTextA
GetCursor
CopyIcon
GetWindowTextLengthA
CopyImage
BlockInput
IsMenu
GetMenu
CalcMenuBar
EndDialog
CalcMenuBar
GetMenu
GetFocus
EndDialog
GetWindowTextLengthA
AlignRects
CopyRect
GetWindowTextA
LoadMenuA
DrawIconEx
LoadCursorA
IsMenu
DrawTextA
CreateIcon
GetDC
GetDlgItem
DialogBoxParamW
DrawIcon
GetCursor

comctl32

ImageList_EndDrag
ImageList_DragMove
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_Merge
ImageList_GetIconSize
ImageList_BeginDrag
ImageList_GetDragImage
ImageList_LoadImage
ImageList_Create
ImageList_DragEnter
ImageList_DrawIndirect
ImageList_AddIcon
ImageList_Replace
ImageList_Remove
ImageList_LoadImageW

advapi32

RegQueryValueExA
RegDeleteValueW
RegEnumKeyW
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegReplaceKeyA
RegDeleteKeyA
RegQueryInfoKeyW
RegOpenKeyW
RegDeleteKeyW
RegLoadKeyA
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

Sections

.LFLev
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sABRZ
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zmLZEH
Size: 6KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IIGl
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

194cf073df1b66332ade1b9b671beca5

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.LFLev Size: 15KB - Virtual size: 15KB

.sABRZ Size: 28KB - Virtual size: 28KB

.zmLZEH Size: 6KB - Virtual size: 41KB

.IIGl Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 4KB

.LFLev
Size: 15KB - Virtual size: 15KB

.sABRZ
Size: 28KB - Virtual size: 28KB

.zmLZEH
Size: 6KB - Virtual size: 41KB

.IIGl
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 4KB