238308308dd2fb3a121a4c4138f574c9

Sharing

Copy URL Twitter E-mail

General

Target

238308308dd2fb3a121a4c4138f574c9
Size

148KB
MD5

238308308dd2fb3a121a4c4138f574c9
SHA1

33725e29215793b12f2b42b8fffa8c95c0749bdf
SHA256

a9382245fc7f801bbc9e8ce3ea77bef071231f774309ea0ccc1afe6705d790f0
SHA512

1fd612a7c0e0abf8fee3919edd87a6e35dcb567bb308dceb210ad87a8512cb208eb2ff858ebcdb6b94d6d92f3eccf99834e3750688caefd38041248ac5eb3d28
SSDEEP

3072:NlOKLY64bK+6jgKt3GVNBoUYndqXWgRF6tXE4RNd2FGyEmpfOU4dy:/Y64bK/ATkqGgRv8NcFjpWpd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
238308308dd2fb3a121a4c4138f574c9

Files

238308308dd2fb3a121a4c4138f574c9
.exe windows:5 windows x86 arch:x86

1aa97a0fc03381c0cf968931f778e712

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCanonicalizeW
StrCmpW
StrToIntA
StrStrA
StrFromTimeIntervalW
PathCommonPrefixW

shell32

ord147

kernel32

SetFilePointer
FreeResource
GetCommState
FileTimeToDosDateTime
GetHandleInformation
CreateWaitableTimerA
GetCommandLineW
QueueUserAPC
OpenMutexW
CreateFileW
LoadLibraryExW
lstrcpyW
OpenSemaphoreW
GetNamedPipeInfo
CreateEventA
LoadLibraryW
UnlockFileEx

user32

GetMenu
DrawFocusRect
GetDC
SetScrollRange
DrawTextExW
DefFrameProcA
GetTopWindow
GetMenuItemID
GetWindowDC
SendDlgItemMessageA
GetWindowRect
ScreenToClient
RemovePropW
GetDlgItemInt
ScrollDC
GetMenuState
LoadCursorFromFileW
IsWindowUnicode
EnumPropsExW
DrawMenuBar
WindowFromDC
SetMenuInfo
SetCaretBlinkTime
GetSystemMetrics
IsWindowVisible
GetCaretBlinkTime
MessageBoxExA
GetKeyboardLayoutList
DefWindowProcW
EnumDisplaySettingsW
ActivateKeyboardLayout
SetMessageExtraInfo
GetWindow
SendMessageTimeoutW

gdi32

GetEnhMetaFileDescriptionW
GetRasterizerCaps
SetROP2
ChoosePixelFormat
GetCharABCWidthsW
LPtoDP
GetGraphicsMode
CreateCompatibleDC
GetWorldTransform
SetBrushOrgEx
GetLayout
SaveDC
FillPath
GetTextExtentExPointA
UpdateColors

advapi32

AddAuditAccessAce
GetAclInformation
GetCurrentHwProfileW

Exports

Exports

__GetClientRect@12

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.exdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.secimg
Size: 1024B - Virtual size: 597B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.memo0
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c_mem
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mem0
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.datse
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1aa97a0fc03381c0cf968931f778e712

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.exdata Size: 2KB - Virtual size: 2KB

.secimg Size: 1024B - Virtual size: 597B

.data Size: 512B - Virtual size: 472B

.memo0 Size: 512B - Virtual size: 48B

.c_mem Size: 512B - Virtual size: 64B

.mem0 Size: 3KB - Virtual size: 2KB

.datse Size: 1024B - Virtual size: 636B

.rsrc Size: 128KB - Virtual size: 128KB

.reloc Size: 1024B - Virtual size: 952B

.text
Size: 8KB - Virtual size: 8KB

.exdata
Size: 2KB - Virtual size: 2KB

.secimg
Size: 1024B - Virtual size: 597B

.data
Size: 512B - Virtual size: 472B

.memo0
Size: 512B - Virtual size: 48B

.c_mem
Size: 512B - Virtual size: 64B

.mem0
Size: 3KB - Virtual size: 2KB

.datse
Size: 1024B - Virtual size: 636B

.rsrc
Size: 128KB - Virtual size: 128KB

.reloc
Size: 1024B - Virtual size: 952B