25b4a6dbade1d2ff0f6368ba7ded062a

Sharing

Copy URL Twitter E-mail

General

Target

25b4a6dbade1d2ff0f6368ba7ded062a
Size

184KB
MD5

25b4a6dbade1d2ff0f6368ba7ded062a
SHA1

990e98456f527d970f73bcf504ad8152b2c931bd
SHA256

e88923b4d1222c7902f8267373a18b84485240d10871494937f5214bbb1408f0
SHA512

30af080d049b6973caa504079ae0b9bf943a1de3c50ac15cb4b12b08af798225e59abef7b50ec7e50da6c5ec8d64b036707b7ea5cc5735beac91f6a4b0303029
SSDEEP

3072:Tq1fD0U7pq021t8ogpHMnU+CyQuntyUGJ1Ddd6/tHl7NkHAg+lrvf:Tqv4f1uvvynnETylHxNkHZ+R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25b4a6dbade1d2ff0f6368ba7ded062a

Files

25b4a6dbade1d2ff0f6368ba7ded062a
.exe windows:4 windows x86 arch:x86

3e8bfc60fb213423f6683568911a53c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetNextDlgGroupItem
InvalidateRect
InvalidateRgn
MessageBeep
GetClassInfoExW
WinHelpW
CharNextW
SetRect
IsRectEmpty
GetClassLongW
SetPropW
CharUpperW
CreateWindowExW
GetNextDlgTabItem
SendDlgItemMessageA
CopyAcceleratorTableW
GetPropW
RegisterWindowMessageW
RemovePropW
DestroyMenu

kernel32

GetCalendarInfoW
GetFileAttributesW
GetVersion
SetFileTime
RemoveDirectoryW
SetFilePointer
GetCurrentProcessId
FindNextFileW
FindFirstFileW
LocalFileTimeToFileTime
EnumResourceLanguagesW
WideCharToMultiByte
GetThreadContext
lstrcpyW
MultiByteToWideChar
DeleteFileW
ReadFile
EnumResourceNamesA
MoveFileW
GetCurrentDirectoryW
WriteFile
GetSystemDefaultLangID
CreateFileW
CreateDirectoryW
InterlockedDecrement
ExitProcess
SystemTimeToFileTime
GetLocaleInfoW
ConvertDefaultLocale
FindClose
LoadLibraryW
GetModuleFileNameW
GetProcAddress

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathStripToRootW
PathFileExistsW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathAppendW

gdi32

ScaleViewportExtEx
ExtSelectClipRgn
SetWindowExtEx
ScaleWindowExtEx
SetViewportOrgEx
PtVisible
GetDeviceCaps
OffsetViewportOrgEx
ExtTextOutW
GetTextColor
GetMapMode
DeleteDC
Escape
RectVisible
TextOutW
GetBkColor
GetStockObject
SelectObject
GetRgnBox

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegCloseKey
RegQueryValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW

ole32

CLSIDFromProgID
OleIsCurrentClipboard
CoTaskMemFree
CoTaskMemAlloc
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
CoUninitialize
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
OleUninitialize
CoGetClassObject
CoCreateInstance
OleFlushClipboard
CoRevokeClassObject
OleInitialize
StgCreateDocfileOnILockBytes
CoInitialize
CLSIDFromString

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e8bfc60fb213423f6683568911a53c8

Headers

File Characteristics

Imports

user32

kernel32

oleacc

shlwapi

gdi32

shell32

advapi32

ole32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 78KB - Virtual size: 78KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 78KB - Virtual size: 78KB

.edata
Size: 1024B - Virtual size: 240KB