382161f95bf092a30810e044c410c6fb

Sharing

Copy URL Twitter E-mail

General

Target

382161f95bf092a30810e044c410c6fb
Size

113KB
MD5

382161f95bf092a30810e044c410c6fb
SHA1

09e3b5326dadf308c9320d7c5f0113994a0771cc
SHA256

e89b503175df55d65e297310ec7734cdbe244e17600b3ce1e7a1bd2a4ba47c67
SHA512

325e3b0907063051819460d9970a167de6404cff57a4e10420a1d4c2a096afd512eb5567bbdd765feb8d0069d7c257acf9741ce7d6e8408b7d49c816a7bf9433
SSDEEP

3072:zATBKTK7ogBt1xJ+RpCmkmUowvc7OoF9:zAgTK7osmkDtvc/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
382161f95bf092a30810e044c410c6fb

Files

382161f95bf092a30810e044c410c6fb
.exe windows:4 windows x86 arch:x86

50f21d1c36474279acf7ea5eec9e939b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
VirtualAlloc
GetDiskFreeSpaceA
GetModuleHandleA
GetOEMCP
CreateProcessA
GlobalUnlock
VirtualProtect
SetFileTime
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime

msvcrt

_fullpath
__p__fmode
_acmdln
_itow
__set_app_type
isleadbyte
time
sprintf
__p__commode
__setusermatherr
_initterm
_strcmpi
log
__getmainargs
cos
strerror
_except_handler3
_adjust_fdiv
_XcptFilter
exit

user32

SetMenu
GetLastActivePopup
UpdateWindow
GetCapture
GetIconInfo

version

VerQueryValueA
VerLanguageNameA
VerInstallFileW
VerFindFileW
VerQueryValueW
GetFileVersionInfoSizeW
VerInstallFileA
GetFileVersionInfoSizeA

oleaut32

SysReAllocStringLen
SafeArrayRedim
VariantClear
VariantCopyInd
SetErrorInfo
CreateErrorInfo
SafeArrayGetUBound
SafeArrayUnaccessData
GetErrorInfo

gdi32

DPtoLP
BitBlt
CreateFontW
CreateRectRgn
IntersectClipRect
SetTextJustification
EnumMetaFile
MoveToEx
FrameRgn
CreatePatternBrush
CreateRoundRectRgn
CopyEnhMetaFileA
Ellipse
GetSystemPaletteEntries

comctl32

CreateToolbarEx
ImageList_Draw
ImageList_AddMasked
CreatePropertySheetPageW
ImageList_DragEnter
ImageList_Create
ImageList_DrawEx
ImageList_Remove

ole32

StgOpenStorage
CoGetClassObject
CoUninitialize
OleInitialize
DoDragDrop
IsEqualGUID
CoTaskMemAlloc
CoGetMalloc
CoReleaseMarshalData
ProgIDFromCLSID
CLSIDFromProgID
CoTaskMemRealloc

advapi32

CryptHashData
AdjustTokenPrivileges
CloseServiceHandle
RegDeleteValueA
RegEnumKeyExW
CheckTokenMembership
RegQueryInfoKeyA
AllocateAndInitializeSid

shell32

SHGetPathFromIDList
SHGetSpecialFolderPathA
ExtractIconW
SHGetFolderPathA

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50f21d1c36474279acf7ea5eec9e939b

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

version

oleaut32

gdi32

comctl32

ole32

advapi32

shell32

Sections

.text Size: 54KB - Virtual size: 53KB

.data Size: 44KB - Virtual size: 43KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 54KB - Virtual size: 53KB

.data
Size: 44KB - Virtual size: 43KB

.rsrc
Size: 14KB - Virtual size: 14KB