21304a527f35728e3d71545c7c6227de

General

Target

21304a527f35728e3d71545c7c6227de
Size

185KB
MD5

21304a527f35728e3d71545c7c6227de
SHA1

d9bc99476fc3bc432d5a936b34c71ab87f1d06a9
SHA256

f00395da1c2838b95084d18a8da2d6dbe89ae74b00508e4dafcd65198ba0843c
SHA512

d47c19954d5534e646f3d894c045d8a1e416c313cb57fb6700060601f0d051e0e75ab69e0f0e1e9279a05d08d9e355e5826dfee6201063d685da803aedc49893
SSDEEP

3072:gChtBiEUFOU7My+8X1No0ZB3oqPP9y55byHO5A0AAmmPHKh4zlqbT4E2JvwSct:nBiEUnQGNo0OEPsIu+BAmmPqh4zE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21304a527f35728e3d71545c7c6227de

Files

21304a527f35728e3d71545c7c6227de
.exe windows:4 windows x86 arch:x86

b2ffea4c531d1e7255f777a8bb1920ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetCPInfo
GetLocaleInfoA
LoadLibraryA
SetThreadLocale
CreateFileA
CreateThread
GetCurrentThread
VirtualAlloc
ResetEvent
LoadLibraryExA
GetCommandLineA
GetThreadLocale
ExitThread
GetModuleHandleA
GetDiskFreeSpaceA
SetLastError
lstrcatA
MoveFileA

version

VerQueryValueA

comctl32

ImageList_Remove
ImageList_Add
ImageList_Destroy
ImageList_DragShowNolock
ImageList_Create
ImageList_Write

advapi32

RegEnumValueA
RegQueryValueExA
RegOpenKeyExA

user32

ScrollWindow
LoadKeyboardLayoutA
MessageBoxA
GetClipboardData
LoadCursorA
DestroyIcon
InsertMenuItemA
IsWindowEnabled
GetClientRect
SetScrollRange
SendMessageW
SetWindowPos
WindowFromPoint
TranslateMessage
SetCapture
GetDCEx
AdjustWindowRectEx
EnumThreadWindows
LoadIconA
IsWindowUnicode
CharNextA
SetMenuItemInfoA
CloseClipboard
EnumChildWindows
GetWindowTextA
GetKeyboardLayoutList
EnableMenuItem
DrawIconEx
CallNextHookEx

shell32

SHGetFileInfoA
SHGetFolderPathA
Shell_NotifyIconA
SHGetDesktopFolder

Sections

CODE
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2ffea4c531d1e7255f777a8bb1920ef

Headers

File Characteristics

Imports

kernel32

version

comctl32

advapi32

user32

shell32

Sections

CODE Size: 33KB - Virtual size: 33KB

.rdata Size: 3KB - Virtual size: 122KB

.data Size: 137KB - Virtual size: 137KB

.rsrc Size: 10KB - Virtual size: 9KB

CODE
Size: 33KB - Virtual size: 33KB

.rdata
Size: 3KB - Virtual size: 122KB

.data
Size: 137KB - Virtual size: 137KB

.rsrc
Size: 10KB - Virtual size: 9KB