29161ec3f250f63d659414f8e32b0b89

Sharing

Copy URL

Twitter E-mail

General

Target

29161ec3f250f63d659414f8e32b0b89
Size

157KB
MD5

29161ec3f250f63d659414f8e32b0b89
SHA1

35abe61fefe668d329b73a68a65d1098db5c9168
SHA256

73f52e38ae7c9e66f702c34cbfa5d1db00852274ebfec2efdbd0d71b19a04ecd
SHA512

312d2c319fffffe9c3ee888f7c485e23a443a383f4e94fa675557b1da24bc5d840fdb43eb691c8eef4fed4ba8004b1e5a9e58be83a2456a6ab5c5e1a606f0c15
SSDEEP

3072:j6CIAhi93Cxa9UbCoQNLZqy4V+H0Y9zW3IbaMvxvG1RvXcfpPPurRI:eCThi9yIisNP4TY9KiHvxvG3Ed

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29161ec3f250f63d659414f8e32b0b89

Files

29161ec3f250f63d659414f8e32b0b89
.exe windows:4 windows x86 arch:x86

3e62d23938d5c6bcebc97085da8539d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CheckMenuItem
DrawIconEx
GetDC
CreateMenu
SetWindowPos
GetClientRect
GetMenuState
IsWindowEnabled
IsChild
RegisterClassA
GetClassInfoA
ClientToScreen
HideCaret
ShowScrollBar
GetMenuItemCount
GetSubMenu
GetForegroundWindow
FindWindowA
CharLowerA
GetKeyNameTextA
CallWindowProcA
GetSysColor
EndPaint
CreateWindowExA
GetParent
IsWindowVisible
DrawFrameControl
DispatchMessageA
EnableWindow
GetScrollRange
IsMenu
DrawEdge
GetActiveWindow
GetMenu
GetScrollPos
CreatePopupMenu
GetClassLongA
EnumWindows
FrameRect
TrackPopupMenu
GetSysColorBrush
EnableScrollBar
CharNextA
GetLastActivePopup
EnumThreadWindows
SetCursor
DispatchMessageW
CallNextHookEx
DrawTextA
MessageBoxA
CharToOemA
GetFocus
BeginDeferWindowPos
GetMessagePos
IsDialogMessageA
GetDlgItem
EndDeferWindowPos
DefWindowProcA
SystemParametersInfoA
GetMenuItemID
GetCursor
GetScrollInfo
DefFrameProcA
SetWindowLongA
BeginPaint

advapi32

RegEnumKeyA
RegQueryInfoKeyA
RegDeleteKeyA
RegCreateKeyA

shell32

SHGetDesktopFolder
SHGetDiskFreeSpaceA
DragQueryFileA
SHGetFolderPathA

kernel32

FreeLibrary
CreateThread
lstrcmpiA
GetStartupInfoA
GetFileSize
RaiseException
FreeResource
SetFilePointer
EnterCriticalSection
LoadLibraryA
GetModuleFileNameA
FindResourceA
GetOEMCP
ExitThread
LocalFree
LoadResource
VirtualAllocEx
GetVersionExA
lstrcpyA
GetEnvironmentStrings
GetFullPathNameA
ResetEvent
LocalAlloc
ReadFile
GetDateFormatA
GlobalAlloc
HeapAlloc
LocalReAlloc
SizeofResource
Sleep
SetLastError
SetHandleCount
GetModuleHandleA
ExitProcess
GetACP
FormatMessageA
GetDiskFreeSpaceA
CreateEventA
MoveFileA
GetCurrentThread
GetCommandLineA
GetStringTypeA
lstrcpynA
CloseHandle
GetCurrentProcess
GetLocalTime
GetProcAddress
FindFirstFileA
GetThreadLocale
DeleteCriticalSection
GetLocaleInfoA
EnumCalendarInfoA
lstrlenA
DeleteFileA
WaitForSingleObject
SetThreadLocale
GetCurrentProcessId
GlobalFindAtomA
GetStringTypeW
VirtualQuery
GetLastError
SetEndOfFile
SetErrorMode

ntdll

wcscat
RtlDeleteCriticalSection

msvcrt

srand
sprintf
calloc
wcschr
swprintf
sqrt
memcpy
clock
memset
rand
memmove
malloc
wcscspn
atol
wcstol
_acmdln
time
strlen

shlwapi

SHEnumValueA
PathIsDirectoryA
SHStrDupA
SHSetValueA

gdi32

CreateDIBSection
SetBkMode
SetTextColor

comctl32

ImageList_DragShowNolock
ImageList_Create
ImageList_Remove
ImageList_Add
ImageList_Destroy
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_Write

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 5KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e62d23938d5c6bcebc97085da8539d1

Headers

File Characteristics

Imports

user32

advapi32

shell32

kernel32

ntdll

msvcrt

shlwapi

gdi32

comctl32

Sections

.text Size: 30KB - Virtual size: 29KB

.bss Size: 117KB - Virtual size: 116KB

.tls Size: 5KB - Virtual size: 89KB

BSS Size: 1KB - Virtual size: 1KB

DATA Size: 2KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 29KB

.bss
Size: 117KB - Virtual size: 116KB

.tls
Size: 5KB - Virtual size: 89KB

BSS
Size: 1KB - Virtual size: 1KB

DATA
Size: 2KB - Virtual size: 1KB