21569048cbf0200405f0cfd4f05e5fee

Sharing

Copy URL Twitter E-mail

General

Target

21569048cbf0200405f0cfd4f05e5fee
Size

140KB
MD5

21569048cbf0200405f0cfd4f05e5fee
SHA1

9a82e0f3733aae8d14f109f78ca72cf26e2c8791
SHA256

98a561ba1fdb4c0f090976924a87fc3b3702c7fed1b66d048b79e4c5bcb9ef33
SHA512

80c753638815de063dfc102d896653562823ea59ce7903b11096acaa668cf00a135aa8f07c31228a12d74ebaa7f898bbed1d7e895c656e1362a0cd8c91cb8b98
SSDEEP

3072:Yr+IP4dpywSjKMXma42nVXyLYwIm4PlJsJw8qZnJySoMnbldFVEC2/i:Yr+Ip/jKMXYkVrwIPicZoQbld0n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21569048cbf0200405f0cfd4f05e5fee

Files

21569048cbf0200405f0cfd4f05e5fee
.exe windows:5 windows x86 arch:x86

010195ce70cd4ecb3142aaf0fa5e6e4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcA
GetIconInfo
GetKeyNameTextA
DestroyIcon
RegisterClassA
UpdateWindow
CharLowerA
DrawEdge
SetWindowsHookExA
GetClassNameA
UnregisterClassW
TranslateMessage
GetMessageA
ClipCursor
GetCapture
ShowCaret
GetMessageTime
CallWindowProcW
MapVirtualKeyW
NotifyWinEvent
SetScrollInfo
GetKeyState
PostMessageA
RedrawWindow
SendMessageW
CharUpperA
GetWindowThreadProcessId
GetUpdateRect
SetDlgItemTextA
SetActiveWindow
IsZoomed
DrawTextA
IsRectEmpty
CharToOemA
SetPropA
DrawCaption
CharLowerBuffA
UnhookWindowsHookEx
CharUpperBuffA

kernel32

GetProfileStringA
LocalAlloc
OpenEventA
CreateFileMappingA
HeapAlloc
MapViewOfFile
GetSystemInfo
VirtualQueryEx
FlushInstructionCache
GetStartupInfoA
CreateEventA
GetWindowsDirectoryA
GetLastError
HeapFree
GetACP
CreateThread
FreeLibrary
GetCurrentThreadId
FreeResource
CloseHandle
SetFilePointer
GetVersion
VirtualQuery
ReadFile
lstrlenW
IsValidLocale
GetModuleFileNameA
TerminateProcess
LoadResource
GetModuleHandleA
MapViewOfFileEx
WaitForMultipleObjects
GetFileAttributesA
UnmapViewOfFile
GlobalAlloc
GetDateFormatA
GetFileAttributesW
WideCharToMultiByte
GetCurrentProcess
GetUserDefaultLCID
ResumeThread
GetModuleHandleA
EnterCriticalSection

ole32

CreateDataAdviseHolder
ReleaseStgMedium
IsAccelerator
OleGetClipboard
CoTaskMemFree
IsEqualGUID
DoDragDrop
CoDisconnectObject

oleaut32

SafeArrayGetElement
VariantInit
SafeArrayAccessData
GetActiveObject
SafeArrayCreate

comctl32

ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_LoadImageA
ImageList_Remove
ImageList_GetIconSize
ImageList_Create

advapi32

RegQueryInfoKeyA
RegCreateKeyExA
RegCloseKey
RegFlushKey

gdi32

GetNearestColor
SelectClipRgn
SetPixelV
GetTextAlign
Polygon
GetRandomRgn
Ellipse
GetMapMode
MoveToEx
CreatePalette
SetRectRgn
TextOutA
MaskBlt
SetTextColor
UnrealizeObject
SetWindowExtEx
SetEnhMetaFileBits
CreateEnhMetaFileA

winmm

timeGetTime
timeEndPeriod

p2pspmgr

_LEps
_FDscale
_FDnorm
_Sinh
_Stof
_Tolower
_Getcvt
_Hugeval

imm32

ImmReleaseContext

shell32

DragQueryPoint

Sections

.text
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

010195ce70cd4ecb3142aaf0fa5e6e4a

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

ole32

oleaut32

comctl32

advapi32

gdi32

winmm

p2pspmgr

imm32

shell32

Sections

.text Size: 114KB - Virtual size: 116KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 19KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 114KB - Virtual size: 116KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 4KB