39b4fabbf0724a60c54ea963308b0597

Sharing

Copy URL Twitter E-mail

General

Target

39b4fabbf0724a60c54ea963308b0597
Size

187KB
MD5

39b4fabbf0724a60c54ea963308b0597
SHA1

dd13fbbd288c0698f0404649ba9e50fb7cd8539f
SHA256

05e465783b274a11832aeb866b1359b72d5b9c51a0c02a89f0abd7ea2f017573
SHA512

ff6320ff982ad89cbfd3fb9bc8e06f2e3c1a61f2668e5bcc8b80a320d6104f7846fed2bb6377d1927ebb1829c19f381089530747fa89cc45247468ab388d75e8
SSDEEP

3072:eWMRVtVl4gkOfHt8J5r+XqwAxSIuw9XO8d8:epRXhpfN8f+XqwAII3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39b4fabbf0724a60c54ea963308b0597

Files

39b4fabbf0724a60c54ea963308b0597
.exe windows:4 windows x86 arch:x86

f51eedb0605b2aadab79593f2888ca53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess
VirtualAlloc
GetCommandLineA
GetProcAddress
GetCommandLineW
LoadLibraryA
GetVersionExA
lstrlenW
GetModuleHandleA
LoadLibraryExA
IsBadReadPtr

comctl32

ImageList_GetBkColor
ImageList_Add
ImageList_Read

ole32

ReleaseStgMedium
CoUnmarshalInterface
CreateStreamOnHGlobal
MkParseDisplayName
CoReleaseMarshalData
StgCreateDocfileOnILockBytes
WriteClassStm
PropVariantClear
CoGetObjectContext
CoRegisterClassObject

msvcrt

sqrt
exit

gdi32

SetBkColor
LineTo
GetClipBox
CreateCompatibleDC
SetTextColor
BitBlt

oleaut32

RegisterTypeLib

shell32

SHGetSpecialFolderLocation

user32

GetActiveWindow
EmptyClipboard

Sections

CODE
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES36
Size: 512B - Virtual size: 433B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES22
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES89
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES45
Size: 1024B - Virtual size: 649B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES18
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES09
Size: 512B - Virtual size: 221B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES04
Size: 1024B - Virtual size: 929B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES80
Size: 1024B - Virtual size: 769B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f51eedb0605b2aadab79593f2888ca53

Headers

File Characteristics

Imports

kernel32

comctl32

ole32

msvcrt

gdi32

oleaut32

shell32

user32

Sections

CODE Size: 17KB - Virtual size: 17KB

.data Size: 158KB - Virtual size: 157KB

RES36 Size: 512B - Virtual size: 433B

RES22 Size: 1KB - Virtual size: 1KB

RES89 Size: 2KB - Virtual size: 1KB

RES45 Size: 1024B - Virtual size: 649B

RES18 Size: 512B - Virtual size: 92KB

RES09 Size: 512B - Virtual size: 221B

RES04 Size: 1024B - Virtual size: 929B

RES80 Size: 1024B - Virtual size: 769B

.rsrc Size: 2KB - Virtual size: 2KB

CODE
Size: 17KB - Virtual size: 17KB

.data
Size: 158KB - Virtual size: 157KB

RES36
Size: 512B - Virtual size: 433B

RES22
Size: 1KB - Virtual size: 1KB

RES89
Size: 2KB - Virtual size: 1KB

RES45
Size: 1024B - Virtual size: 649B

RES18
Size: 512B - Virtual size: 92KB

RES09
Size: 512B - Virtual size: 221B

RES04
Size: 1024B - Virtual size: 929B

RES80
Size: 1024B - Virtual size: 769B

.rsrc
Size: 2KB - Virtual size: 2KB