239eb736324bd5180aea8daeb4000447

Sharing

Copy URL Twitter E-mail

General

Target

239eb736324bd5180aea8daeb4000447
Size

97KB
MD5

239eb736324bd5180aea8daeb4000447
SHA1

153305e31d9055aa20c1ae9c6982ce3ea41fb7c5
SHA256

08ab9ab40e9affb142b8acd745d213a7530f808de0c27eefca0876e25703d666
SHA512

5b3a96c7bf99b1b573c23d3c0be26ba5fb2e8ca49ab2aa7f7c0bff0ad3c68b0b16e817a9dd8c547752d5075732e1c42713a33f3c2ff8eec519f9d9a710588ea0
SSDEEP

3072:GMrkmpBu7KZYt6/RcQ+zMPakrOSDIC/4EY5PYg:TkmpBrZYqcQ+sOSDIW4EYt3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
239eb736324bd5180aea8daeb4000447

Files

239eb736324bd5180aea8daeb4000447
.exe windows:5 windows x86 arch:x86

5eee65ef3e9410cc5a0f78e2a81a90c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
LoadLibraryA
FlushFileBuffers
LCMapStringW
IsProcessorFeaturePresent
GetStringTypeW
IsValidCodePage
GlobalFree
GetProcAddress
GetLastError
MultiByteToWideChar
GlobalUnlock
GlobalAlloc
GetTickCount
GlobalLock
GetCurrentProcess
HeapAlloc
HeapFree
HeapSize
HeapReAlloc
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapCreate
CreateFileA
CreateFileW
GetStdHandle
GetModuleFileNameW
EncodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
DeleteCriticalSection
LoadLibraryW
SetHandleCount
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleW
SetFilePointer
RtlUnwind
SetEndOfFile
GetProcessHeap
ReadFile
GetCPInfo
GetACP
GetOEMCP

user32

GetPropA
LoadMenuA
DrawIcon
EnumWindows
MessageBoxA
DialogBoxIndirectParamA
FindWindowA

gdi32

SelectObject
GetStockObject
TextOutA
SetPixel

comctl32

ord17

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5eee65ef3e9410cc5a0f78e2a81a90c1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 28KB - Virtual size: 35KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 28KB - Virtual size: 35KB

.rsrc
Size: 1KB - Virtual size: 1KB