37c2268615989986cabf27eb4e806a52

Sharing

Copy URL Twitter E-mail

General

Target

37c2268615989986cabf27eb4e806a52
Size

503KB
MD5

37c2268615989986cabf27eb4e806a52
SHA1

02bcb6c2b3da6b68cbd228eba59378550048c8ce
SHA256

7681e2ca2e3dbeb4b0e71bc5baefa151a947cd798ff8de7c30fdfada1b31298c
SHA512

cc9bb739e59fb2c6c9fb05bc8a62856856e4d9c8c23e81b3c7c9d6fbca9fe7848c01089d2f14b01add2038bc17b348bc6d1f234af34702855ef658294c002dc5
SSDEEP

12288:mgjFd/zfLDYoScPD4Aa2z49nHHEbHgD9A9XkR:mg3/zTXbTc9EzgZAuR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37c2268615989986cabf27eb4e806a52

Files

37c2268615989986cabf27eb4e806a52
.exe windows:4 windows x86 arch:x86

9f6f867c39baea47647f1c8e0a916308

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
SwitchDesktop
GetMessageTime
GetKeyNameTextW
CreateCaret
CopyIcon
RegisterClassExA
LoadIconA
LoadBitmapA
GetDlgItemTextA
EnumDesktopsA
DdeAccessData
GetCursorInfo
CheckDlgButton
PostQuitMessage
SetFocus
MonitorFromWindow

kernel32

IsValidCodePage
HeapAlloc
EnumResourceNamesW
ContinueDebugEvent
TlsAlloc
Sleep
GetProcAddress
SetHandleCount
CreateFileA
WaitForMultipleObjectsEx
GetLocaleInfoW
GetConsoleMode
EnumSystemLocalesA
SetLastError
SetUnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
GetOEMCP
GetLastError
VirtualProtect
HeapFree
GetCurrentThread
ExitProcess
GetStartupInfoA
WriteConsoleOutputCharacterA
GetModuleFileNameA
OpenMutexA
MultiByteToWideChar
TlsGetValue
GetACP
VirtualAlloc
LeaveCriticalSection
GetLocaleInfoA
GetEnvironmentStringsW
SetThreadAffinityMask
SetEnvironmentVariableA
lstrcmpiW
GetConsoleCP
InitializeCriticalSection
GetStringTypeA
GetCPInfo
GetExitCodeProcess
RtlFillMemory
CompareStringA
GetFileType
LCMapStringW
GetCurrentThreadId
GetTimeZoneInformation
IsValidLocale
InterlockedDecrement
DeleteCriticalSection
OpenProcess
GetTempFileNameW
GetTickCount
GetTimeFormatA
GetUserDefaultLCID
GetModuleHandleA
GetStdHandle
HeapDestroy
GetStringTypeW
ExpandEnvironmentStringsA
GetCurrentProcessId
EnterCriticalSection
CopyFileExA
VirtualLock
WideCharToMultiByte
CompareStringW
SetStdHandle
GetCommandLineA
UnhandledExceptionFilter
TlsSetValue
InterlockedIncrement
GetSystemTimeAsFileTime
GetDateFormatA
GetPrivateProfileStructA
VirtualFree
WriteFile
CreateMutexA
CloseHandle
RtlUnwind
GetNamedPipeHandleStateW
WriteConsoleW
HeapReAlloc
GetConsoleOutputCP
IsDebuggerPresent
LCMapStringA
ReadFile
TransmitCommChar
WriteConsoleA
GetProcessHeap
HeapSize
DosDateTimeToFileTime
GetEnvironmentStrings
GetVersionExA
VirtualQuery
GetCurrentProcess
QueryPerformanceCounter
TlsFree
TerminateProcess
LoadLibraryA
HeapCreate
FreeEnvironmentStringsW
FreeLibrary
FreeEnvironmentStringsA
SetConsoleCtrlHandler
InterlockedExchange

comctl32

InitCommonControlsEx

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f6f867c39baea47647f1c8e0a916308

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 167KB - Virtual size: 167KB

.rdata Size: 9KB - Virtual size: 19KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 167KB - Virtual size: 167KB

.rdata
Size: 9KB - Virtual size: 19KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 10KB - Virtual size: 9KB