39c20ae122be03d7bc23f1447cd3c684

Sharing

Copy URL Twitter E-mail

General

Target

39c20ae122be03d7bc23f1447cd3c684
Size

190KB
MD5

39c20ae122be03d7bc23f1447cd3c684
SHA1

70ed6714ef56ff23064db1195545476889a8b679
SHA256

da6a45df1bebec853ac873103b3888e4dbbb1a724d2e423cc8c663a2e16a52fa
SHA512

a5a52d8cab9ce4c9d15034fee6d643e021163cfd73e24a890892b155821c2b1af7ff7d20862651e40182f436c096b5a07d683933e1f68604d41c8443d9453c1e
SSDEEP

3072:hdacnLTOxjQR9kW7bzxSH0S7+vM12Tc1K5HqguwB+SQVjDsLjaFYPSbvhQaf7:jacXOJnW3zmjU/TQq2JtVjILWFYPSbCI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39c20ae122be03d7bc23f1447cd3c684

Files

39c20ae122be03d7bc23f1447cd3c684
.exe windows:4 windows x86 arch:x86

0461b43850c25960ff186d62fd464045

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyW
RegEnumKeyW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFileExistsW
PathFindExtensionW
PathRemoveFileSpecW
PathAppendW

kernel32

LoadLibraryW
FindFirstFileW
GetCalendarInfoW
SystemTimeToFileTime
GetFileAttributesW
FindNextFileW
SetFileTime
GetThreadContext
ConvertDefaultLocale
CreateFileW
EnumResourceLanguagesW
GetCurrentProcessId
InterlockedDecrement
GetSystemDefaultLangID
LocalFileTimeToFileTime
GetCurrentDirectoryW
EnumResourceNamesA
lstrcpyW
SetFilePointer
FindClose
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
ReadFile
GetLocaleInfoW
RemoveDirectoryW
CreateDirectoryW
MoveFileW
GetVersion
DeleteFileW
WriteFile
GetProcAddress

gdi32

SelectObject
PtVisible
ScaleWindowExtEx
ExtTextOutW
GetDeviceCaps
ScaleViewportExtEx
DeleteDC
GetMapMode
GetTextColor
GetBkColor
TextOutW
OffsetViewportOrgEx
SetWindowExtEx
SetViewportOrgEx
ExtSelectClipRgn
RectVisible
Escape
GetStockObject
GetRgnBox

user32

CreateWindowExW
GetClassLongW
CharNextW
WinHelpW
GetNextDlgGroupItem
SendDlgItemMessageA
MessageBeep
SetPropW
CopyAcceleratorTableW
InvalidateRgn
GetClassInfoExW
InvalidateRect
IsRectEmpty
GetPropW
CharUpperW
SetRect
RegisterWindowMessageW
GetNextDlgTabItem
RemovePropW
DestroyMenu

ole32

CoRevokeClassObject
CoUninitialize
OleUninitialize
OleFlushClipboard
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateILockBytesOnHGlobal
CoTaskMemFree
CoInitialize
CoRegisterMessageFilter
CLSIDFromProgID
OleIsCurrentClipboard
OleInitialize
CoCreateInstance
CoTaskMemAlloc
CoFreeUnusedLibraries
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0461b43850c25960ff186d62fd464045

Headers

File Characteristics

Imports

advapi32

shlwapi

kernel32

gdi32

user32

ole32

oleacc

shell32

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 80KB - Virtual size: 80KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 80KB - Virtual size: 80KB

.edata
Size: 1024B - Virtual size: 116KB