23b17391a77a21ca358328d1b2b16deb

Sharing

Copy URL Twitter E-mail

General

Target

23b17391a77a21ca358328d1b2b16deb
Size

106KB
MD5

23b17391a77a21ca358328d1b2b16deb
SHA1

b650121bf2005592bbf60ece0398ac5012fa4401
SHA256

6de8c11868c722397463b14539c55317750d9f9b784a01f6cb2d51d01cf79bc6
SHA512

d210ecb9e95e287dcee0b4b4df24a3e54d646c4b4573fc9ed34c22fe87727a51428196eb01b4411861ceeb0d049b8f99de6a94ee2e65dc611be504c31b9fd96d
SSDEEP

1536:dM+p9oAOIHN1M11WTGgAapNYd88rzqBWCX5dMc6XtYXoDiK+2dKJ7elb9tOzTg:d75Or2KOiKWW9Cp+UK9efj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23b17391a77a21ca358328d1b2b16deb

Files

23b17391a77a21ca358328d1b2b16deb
.exe windows:4 windows x86 arch:x86

efe12e55c78910767df42f4c26860e30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
__p__commode
_exit
_initterm
abort
fputc
_setmode
_vsnprintf
memset
malloc
__getmainargs
sinh
strncmp
_controlfp
strncpy
strstr
calloc
_except_handler3
__p___initenv
__p__fmode
__setusermatherr
free
_XcptFilter
__set_app_type
__dllonexit

comdlg32

GetOpenFileNameA

kernel32

GetFileType
GetLocaleInfoW
InterlockedCompareExchange
GetTimeZoneInformation
GetSystemDefaultLCID
GetNumberFormatA
GetCurrentThreadId
MoveFileA
IsBadWritePtr
lstrcmpiA
GetModuleFileNameA
DeviceIoControl
CreateDirectoryA

user32

DrawTextA
DialogBoxParamA
ReleaseCapture
SetDlgItemTextA
EnableWindow
InvalidateRect
ScrollWindow
wsprintfA
EnumThreadWindows
CallWindowProcA
SetScrollPos
SetClipboardData
IsWindowVisible
ClientToScreen
FillRect

advapi32

DeleteService
RegQueryInfoKeyW
LookupPrivilegeValueA
CryptReleaseContext
InitializeSecurityDescriptor
OpenServiceW
RegEnumKeyW
CopySid
RegSetValueExW
CryptAcquireContextA
InitiateSystemShutdownA

gdi32

GetPaletteEntries
EndPath
GetDIBits
GetEnhMetaFileDescriptionA
SetWindowExtEx
RectInRegion
GetTextCharsetInfo
GetObjectType
InvertRgn
GetCurrentObject
CreateICW
CloseMetaFile

comctl32

CreatePropertySheetPageA
ImageList_SetDragCursorImage
ImageList_Replace
ImageList_Remove
ImageList_EndDrag
ImageList_Add
ImageList_GetBkColor
InitCommonControlsEx
PropertySheetW
PropertySheetA

ole32

ReleaseStgMedium
CoGetInterfaceAndReleaseStream
OleSetClipboard
CoTaskMemRealloc
OleUninitialize
CLSIDFromString
CreateStreamOnHGlobal
CoCreateInstance
StgOpenStorageOnILockBytes
RevokeDragDrop
CoInitializeSecurity
StgCreateDocfileOnILockBytes
OleRun
CoGetClassObject

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efe12e55c78910767df42f4c26860e30

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

advapi32

gdi32

comctl32

ole32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 39KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 39KB

.rsrc
Size: 31KB - Virtual size: 30KB