38697f6fc18c248fa0dfd809b6d9f7a0

Sharing

Copy URL

Twitter E-mail

General

Target

38697f6fc18c248fa0dfd809b6d9f7a0
Size

135KB
MD5

38697f6fc18c248fa0dfd809b6d9f7a0
SHA1

f55f2fc058fe5d70bef2b4414f20dcdbef376304
SHA256

9fe704d0d09401328c70ac0f1ecc84465751cac465b83b218be91e30a6a9f549
SHA512

76f5434c6cfc7bcc4bde2eb92767ada76d5a992a7fd83ccbf5b301da35d15d0bb15c1ec72abee5a5145e617f49aee634023a9fcb5c246649f13b6e47d2c74442
SSDEEP

3072:bnk6Pga5viyALx9drY8+WxiwcdDzfaEr/h8/:Hga8hODWk7za0h8/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38697f6fc18c248fa0dfd809b6d9f7a0

Files

38697f6fc18c248fa0dfd809b6d9f7a0
.exe windows:5 windows x86 arch:x86

e89db08afa278a3de7f7ad9a9896ef45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord156
StrCmpNW
SHRegEnumUSKeyW
StrFormatByteSizeW
PathIsContentTypeA
SHRegSetPathW

shell32

ord173
SHBrowseForFolderA

kernel32

GetSystemInfo
lstrcmpiW
GetModuleHandleA
lstrcatW
lstrcpyW
OpenFile
SetFilePointer
SetFilePointerEx
_lclose
ClearCommBreak
EnumResourceTypesA
SetProcessPriorityBoost
TerminateThread
GetProcAddress
GetAtomNameW
GetHandleInformation
LocalAlloc
WaitForMultipleObjects
GetProcessAffinityMask
CreateMailslotA
GetFileTime
_lopen
CloseHandle
DeleteFileW
CopyFileExA
lstrcpyA
lstrcmpiA
GetTempPathW
LoadLibraryW
FileTimeToDosDateTime
FormatMessageA
GetModuleHandleW
FindResourceA
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
_lcreat
DosDateTimeToFileTime
HeapDestroy

user32

EndPaint
DestroyIcon
DlgDirListW
IsWindowVisible
GetActiveWindow
CharLowerBuffA
CharUpperBuffA
GetWindowPlacement
LoadCursorW
SetForegroundWindow
EnumPropsW
RemovePropW
PostMessageW
SetMenuItemBitmaps
InvalidateRgn
SendMessageA
BeginPaint
TranslateMessage
LockWindowUpdate
GetCursorInfo
SetPropA
SetScrollPos
PeekMessageA
ReleaseDC
TranslateAcceleratorA
GetWindowRgn
LoadAcceleratorsA
DispatchMessageA
SetMenuItemInfoA
GetPropW
LoadCursorFromFileA
GetDC
GetDesktopWindow
SetWindowTextW

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
GetBitmapBits
GetSystemPaletteEntries
LineTo
SetBoundsRect
GetCharWidth32W
ExtCreateRegion
SetViewportOrgEx
GetTextExtentPoint32W
SetBkColor
AngleArc
OffsetClipRgn
SetTextCharacterExtra
CreateScalableFontResourceW
UpdateColors

advapi32

ObjectDeleteAuditAlarmA
GetSidLengthRequired
EqualPrefixSid
EqualSid
PrivilegedServiceAuditAlarmW

Exports

Exports

_Copy_Gif@12
_Create_Gif@12
_Set_Gif@12
_Update_Gif@12

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vars
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.const
Size: 512B - Virtual size: 195B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IMPORT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 706B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e89db08afa278a3de7f7ad9a9896ef45

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.code Size: 7KB - Virtual size: 7KB

.data Size: - Virtual size: 160B

.vars Size: 512B - Virtual size: 496B

.zero Size: 512B - Virtual size: 512B

.const Size: 512B - Virtual size: 195B

IMPORT Size: 3KB - Virtual size: 3KB

.rsrc Size: 116KB - Virtual size: 115KB

.reloc Size: 1024B - Virtual size: 706B

.text
Size: 6KB - Virtual size: 5KB

.code
Size: 7KB - Virtual size: 7KB

.data
Size: - Virtual size: 160B

.vars
Size: 512B - Virtual size: 496B

.zero
Size: 512B - Virtual size: 512B

.const
Size: 512B - Virtual size: 195B

IMPORT
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 1024B - Virtual size: 706B