2205d71942031fa8ebccf7fb70fc0a5b

Sharing

Copy URL Twitter E-mail

General

Target

2205d71942031fa8ebccf7fb70fc0a5b
Size

132KB
MD5

2205d71942031fa8ebccf7fb70fc0a5b
SHA1

36623c4c04a6df1d9779da1f36d15eeacc110c08
SHA256

7d55aca551c0cd7743e41e76a75bea61a95e247879ef7dd378c730a7ad781b2a
SHA512

ff07d5bfd763eadce7e4105b220ab3efeae8f1eb465c5c88ec8d55c4cc833a460330921052ad35ebacf616585e1cb2c63a6b3f7e82dd2839fba5f3643675cf4d
SSDEEP

3072:kjKT5J5bmD1bKvYRYhHL3bVTbddUtm52VilkTROK:kuGC+YhHhddtwilkd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2205d71942031fa8ebccf7fb70fc0a5b

Files

2205d71942031fa8ebccf7fb70fc0a5b
.exe windows:4 windows x86 arch:x86

0968a06b84499defdf4e5eb3826ddaac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetSystemTimeAsFileTime
GetSystemInfo
GetUserDefaultLangID
GetStartupInfoA
MultiByteToWideChar
VirtualProtect
GetEnvironmentVariableA
GetModuleHandleA
GetLocaleInfoW
MulDiv
ExitProcess
CompareFileTime

msvcrt

_XcptFilter
exit
_strcmpi
log10
_lock
cos
puts
_adjust_fdiv
_acmdln
_initterm
__p__commode
swprintf
__p__fmode
__setusermatherr
__getmainargs
__set_app_type
_controlfp
wcsstr
_except_handler3
wcslen

advapi32

RegEnumValueA
AdjustTokenPrivileges
OpenServiceA
AddAccessAllowedAce
LookupPrivilegeValueA
OpenSCManagerW
RegOpenKeyA
OpenThreadToken

user32

EnumWindows
MessageBeep
EmptyClipboard
FindWindowA
ShowOwnedPopups
SetClipboardData
EnableMenuItem
GetCursorPos

version

GetFileVersionInfoSizeA
VerInstallFileA
VerInstallFileW
VerFindFileW
VerQueryValueA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ole32

CLSIDFromProgID
OleSetClipboard
CoTaskMemAlloc
CoFreeUnusedLibraries
CoGetClassObject
ProgIDFromCLSID
StgOpenStorageOnILockBytes
OleSetMenuDescriptor
OleRun
StringFromIID
DoDragDrop
CoInitializeSecurity

comctl32

ImageList_GetBkColor
ImageList_DragEnter
ImageList_GetImageInfo
ImageList_LoadImageW
CreateToolbarEx
ImageList_Write
ImageList_Read
ImageList_GetIcon
ImageList_DragLeave

gdi32

GetTextExtentExPointW
EndPage
GetViewportOrgEx
ExtSelectClipRgn

oleaut32

SysStringByteLen
SafeArrayCreate
SafeArrayGetElement
GetErrorInfo
SafeArrayGetUBound
VariantCopyInd
VariantInit
SysAllocStringLen
SysStringLen
VariantCopy

shell32

ExtractIconW
Shell_NotifyIconW
CommandLineToArgvW
ExtractAssociatedIconW
ExtractIconExW
ExtractIconExA
SHGetSettings
DragQueryFileW

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

varahez
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0968a06b84499defdf4e5eb3826ddaac

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

version

ole32

comctl32

gdi32

oleaut32

shell32

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 96KB - Virtual size: 124KB

varahez Size: - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 96KB - Virtual size: 124KB

varahez
Size: - Virtual size: 4KB