293181a7be81a429d15f4ab79996640f

Sharing

Copy URL Twitter E-mail

General

Target

293181a7be81a429d15f4ab79996640f
Size

169KB
MD5

293181a7be81a429d15f4ab79996640f
SHA1

aa6896dfdf98a7d2ad4615973cf683c4e60845e2
SHA256

976c3b9664973fb8fea4a0c861c1bc8d58283557397951098ac80b0353f45665
SHA512

39bb718fc8f69f052740d5e6c194b0991f3244a356f6717bb8a5bff9b697f4d9ec842dc581a53f7b8b616accc199afa653e55fa06594fc6299f9ad0e8f915503
SSDEEP

3072:vgAM7O8gwEDNwKgbugz7emHz0EE3Z8VEZxaX5zl2XbBHi:v8jcwKlgL0EEJ8VEZxPLBHi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
293181a7be81a429d15f4ab79996640f

Files

293181a7be81a429d15f4ab79996640f
.exe windows:4 windows x86 arch:x86

077b9f8d235a96035411ee8e07887bd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
SetProcessWorkingSetSize
GetCurrentProcess
GetCurrentThreadId
lstrlenA
GetModuleFileNameA
GetCommandLineA
WideCharToMultiByte
GetSystemDefaultLCID
lstrlenW
ExitProcess
SleepEx
LockResource
FreeLibrary
LoadLibraryA
HeapAlloc
HeapFree
ReleaseSemaphore
CloseHandle
WaitForSingleObject
CreateThread
CreateSemaphoreA
HeapCreate
GetProcAddress
GetLastError
WriteProcessMemory
OpenProcess
GetCurrentProcessId
GetVolumeInformationA
ReadFile
CreateFileA
SetLastError
EnumResourceNamesA
CompareStringA
SetEndOfFile
LoadResource
GetStringTypeA
IsBadCodePtr
GetSystemInfo
GetTimeZoneInformation
FlushFileBuffers
SetStdHandle
SetFilePointer
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
GetCPInfo
GetOEMCP
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
GetCurrentDirectoryA
FindResourceA
CompareStringW
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetFullPathNameA
HeapSize
SetEnvironmentVariableA
TerminateProcess
IsBadWritePtr
HeapDestroy
VirtualQuery
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
HeapReAlloc
GetStartupInfoA
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
GetLocaleInfoA
GetACP
GetStringTypeW
InterlockedExchange
IsBadReadPtr
VirtualFree
VirtualProtect
VirtualAlloc

user32

SetFocus
SetWindowTextW
ShowWindow
SendMessageA
IsWindow
CreateWindowExA
PostQuitMessage
PostThreadMessageA
RegisterWindowMessageA
MessageBoxW
DispatchMessageA
TranslateMessage
GetMessageA
PostMessageA
LoadStringA
MessageBoxA
GetClassNameA
LoadImageA
LoadIconA
EnableWindow
GetSystemMetrics
SetClassLongA
SetWindowTextA
FindWindowA
SetForegroundWindow
SetWindowsHookExA
CallNextHookEx

ole32

CreateStreamOnHGlobal
CLSIDFromProgID
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantChangeType
VariantCopy
SysFreeString
VariantInit
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysAllocString
SysAllocStringLen

shlwapi

StrCmpIW
StrStrIA

comctl32

ord412
ord413
ord410

psapi

GetModuleBaseNameA

ws2_32

WSAStartup

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

077b9f8d235a96035411ee8e07887bd1

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

shlwapi

comctl32

psapi

ws2_32

Sections

.text Size: 127KB - Virtual size: 127KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 3KB - Virtual size: 10KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 127KB - Virtual size: 127KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 3KB - Virtual size: 10KB

.rsrc
Size: 20KB - Virtual size: 20KB