368832b7f75b80eb2cef5e070840f1af

Sharing

Copy URL

Twitter E-mail

General

Target

368832b7f75b80eb2cef5e070840f1af
Size

167KB
MD5

368832b7f75b80eb2cef5e070840f1af
SHA1

b43570d654e505b5d916a6fed51aef682da5ccd4
SHA256

8f130af70df8eb159318fdf9e388008950e96a862f8891d08d9e264f2e770e62
SHA512

162c8ae998410ba7d3b3faf564427b39bcc38bb56853d8308dfd4ca13ec6202247e87d1f4725a97d981ecf29b2de7d2cd42bd6b773b3472a65ba0618eb42599e
SSDEEP

3072:1S1rM2fQsEcItMHC68A1Hc0zZ0wPAwR8Z7HSx+2RHq0o5:M1Y2fQGMe78uH3Z0wPoSDA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
368832b7f75b80eb2cef5e070840f1af

Files

368832b7f75b80eb2cef5e070840f1af
.exe windows:4 windows x86 arch:x86

9a4c3b4dd8909f7247f2dc1ccc2a0a74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
MoveFileWithProgressW
HeapLock
GetModuleHandleA
GetLocaleInfoA
LoadLibraryA
GetProcAddress
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
SetFilePointer
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
WriteFile
GetLastError
GetFileType
GetStdHandle
SetHandleCount
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
CloseHandle
GetStartupInfoA

user32

PostMessageW
LoadStringA
SetMenuItemBitmaps
DdeFreeStringHandle
GetGUIThreadInfo
CallMsgFilterA
SetScrollInfo
SetForegroundWindow
CharUpperBuffA
RegisterClassExA
IMPSetIMEA
SetClipboardViewer
IsCharAlphaNumericA
DialogBoxIndirectParamA
GetMessageTime
MapVirtualKeyExA
GetDialogBaseUnits
DispatchMessageW
DrawStateW
CharUpperA
GetDlgCtrlID
DdeClientTransaction
OffsetRect
SetWinEventHook
GetUserObjectInformationW
SetParent
GetKBCodePage
GrayStringA
CharNextA

oleaut32

VariantChangeTypeEx
SystemTimeToVariantTime
VarFormatFromTokens
VarAdd
VarNot
SysReAllocStringLen
VarFormatCurrency
RegisterTypeLi
SafeArrayDestroyData
SysStringLen
SafeArrayPutElement
OleLoadPicturePath
VarAnd

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a4c3b4dd8909f7247f2dc1ccc2a0a74

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

oleaut32

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 243KB

.rsrc Size: 512B - Virtual size: 464B

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 243KB

.rsrc
Size: 512B - Virtual size: 464B