37e9800e54d1d278795bceb130966321

Sharing

Copy URL

Twitter E-mail

General

Target

37e9800e54d1d278795bceb130966321
Size

459KB
MD5

37e9800e54d1d278795bceb130966321
SHA1

5cce5a9a977de68433281e8690b909a7be278380
SHA256

59380be47d051e33eae70e6770e165dd41e94cb6568826453d83741395cbad0a
SHA512

1f3924cdb2a91af94db4d70d6b1625c1466ec60a44b6609eac2cd389541d5b0b9f35d95e83a17f683a9970b90bf6b99ea4540442c7212dc27b9278c0cc197999
SSDEEP

12288:zPBZnuAA1uXcJzUyZmajRjPxBGdA6ZAZxfzjVz:LBZu6M1JMajbMdAPZD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37e9800e54d1d278795bceb130966321

Files

37e9800e54d1d278795bceb130966321
.exe windows:4 windows x86 arch:x86

504f613d17c00183fd8d7e87ffc5e290

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

PolyPolygon
CreateRectRgnIndirect
GetFontLanguageInfo
DeleteObject
ExtFloodFill
ChoosePixelFormat
CreateDIBPatternBrush
GetPixel
GetCharWidth32W
CheckColorsInGamut
gdiPlaySpoolStream
PlgBlt
GetMetaFileBitsEx
GetTextExtentPointW
Polyline
CancelDC
CloseMetaFile
GetEnhMetaFileW
TranslateCharsetInfo
EnableEUDC
GetPath
GetTextExtentPoint32A
GetKerningPairsW

user32

InsertMenuItemA
GetDC
EnumDisplayMonitors
LoadBitmapA
GetDlgItem
SendIMEMessageExA
CreateAcceleratorTableW
InternalGetWindowText
GrayStringA
LoadStringA
RemoveMenu

kernel32

HeapSize
InitializeCriticalSection
GetSystemInfo
VirtualQuery
LeaveCriticalSection
GetTimeZoneInformation
VirtualAlloc
GetOEMCP
GetVersionExA
GetFileType
EnterCriticalSection
GetStringTypeA
GetEnvironmentStrings
DeleteCriticalSection
HeapCreate
EnumSystemLocalesA
FreeEnvironmentStringsW
GetTempFileNameA
LCMapStringW
SetLastError
UnhandledExceptionFilter
TlsFree
GetCurrentProcessId
GetTimeFormatA
IsValidLocale
GetCommandLineA
GetUserDefaultLCID
InterlockedExchange
GetPrivateProfileSectionW
CompareStringA
TlsSetValue
HeapFree
GetCurrentThreadId
SetHandleCount
CreateWaitableTimerW
IsBadWritePtr
LCMapStringA
GetCPInfo
CompareStringW
VirtualFree
GetProcAddress
QueryPerformanceCounter
TerminateProcess
GetSystemTimeAsFileTime
GetLocaleInfoW
GetModuleHandleA
CreateFileMappingA
SetEnvironmentVariableA
GetStartupInfoA
TlsGetValue
GetStringTypeW
FreeEnvironmentStringsA
WriteFile
GetEnvironmentStringsW
HeapDestroy
IsValidCodePage
GetCurrentThread
VirtualProtect
GetDateFormatA
MultiByteToWideChar
GetACP
RtlUnwind
GetLastError
TlsAlloc
LoadLibraryA
GetStdHandle
HeapReAlloc
ExitProcess
GetTempFileNameW
WideCharToMultiByte
GetModuleFileNameA
HeapAlloc
GetLocaleInfoA
GetCurrentProcess
GetTickCount

shell32

SHGetNewLinkInfo

comdlg32

GetOpenFileNameA

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

504f613d17c00183fd8d7e87ffc5e290

Headers

File Characteristics

Imports

gdi32

user32

kernel32

shell32

comdlg32

Sections

.text Size: 121KB - Virtual size: 120KB

.rdata Size: 7KB - Virtual size: 27KB

.data Size: 321KB - Virtual size: 320KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 7KB - Virtual size: 27KB

.data
Size: 321KB - Virtual size: 320KB

.rsrc
Size: 9KB - Virtual size: 8KB