218227e1834ea921dd26642a904954ee

Sharing

Copy URL Twitter E-mail

General

Target

218227e1834ea921dd26642a904954ee
Size

275KB
MD5

218227e1834ea921dd26642a904954ee
SHA1

97f238e286b972103e487409a8e217df8081170c
SHA256

7664322abe5c8022fc75f5c2fb0fce95324b4614c997cba4fcdfee9408a0dcda
SHA512

16b584f180a2da2199b577066ba25f87e5073d7851d2de16ac774fba1160fe8d109c461adc16174f0134db11b7dc32bdb2d594aa3ff9df4925917d9db4666f51
SSDEEP

6144:RxuFzc1eatXZ4Kqf8ICgpo3+3i4fDUc0CI1eh+2x:vuFzckapZ4KoZXC+3VfQK+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
218227e1834ea921dd26642a904954ee

Files

218227e1834ea921dd26642a904954ee
.exe windows:4 windows x86 arch:x86

446b002a0123cec0e074fcd73173c291

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
HeapCreate
IsDebuggerPresent
GetThreadPriority
GetStringTypeW
CompareStringW
HeapAlloc
LoadLibraryA
WriteFile
TlsAlloc
GetEnvironmentStringsA
SetEnvironmentVariableW
CompareStringA
GetCurrentThread
VirtualProtect
WideCharToMultiByte
GetCPInfo
GetTimeZoneInformation
GetUserDefaultLCID
TransmitCommChar
UnhandledExceptionFilter
GetFileType
GetVersionExA
GetLastError
lstrcatA
InitializeCriticalSection
GetStdHandle
GetTimeFormatA
GetProcAddress
EnterCriticalSection
GetSystemInfo
HeapFree
EnumDateFormatsW
GetEnvironmentStringsW
CreateSemaphoreW
IsBadWritePtr
VirtualQuery
SetLastError
IsValidCodePage
TlsGetValue
GetCommandLineA
IsValidLocale
EnumSystemLocalesA
GetStringTypeA
HeapReAlloc
SetHandleCount
ExitProcess
DeleteCriticalSection
SetConsoleCursorInfo
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
LeaveCriticalSection
GetModuleHandleA
GetOEMCP
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsSetValue
HeapDestroy
GetEnvironmentStrings
GetStartupInfoA
GetCurrentProcessId
GetModuleFileNameA
MultiByteToWideChar
GetDateFormatA
ConnectNamedPipe
GetTickCount
HeapSize
FreeEnvironmentStringsW
GetLocaleInfoW
VirtualFree
TlsFree
RtlUnwind
GetLocaleInfoA
GetSystemTimeAsFileTime
InterlockedExchange
SetEnvironmentVariableA
FreeEnvironmentStringsA

user32

SetDoubleClickTime
GetScrollBarInfo
DdeQueryConvInfo
DrawAnimatedRects
ClipCursor

gdi32

GetEnhMetaFileA
GetTextColor
StartDocW
ResizePalette
PolyTextOutW
GetRegionData
CreateMetaFileA
SetMiterLimit
EnableEUDC
PathToRegion
GdiPlayScript
GetBoundsRect

comdlg32

PrintDlgW
LoadAlterBitmap
ChooseFontW
GetSaveFileNameA
ReplaceTextW
FindTextW

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

446b002a0123cec0e074fcd73173c291

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 126KB - Virtual size: 125KB

.data Size: 138KB - Virtual size: 153KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 138KB - Virtual size: 153KB

.rsrc
Size: 9KB - Virtual size: 9KB