3e968e67c530eaa9772e353aa4c456a8

Sharing

Copy URL Twitter E-mail

General

Target

3e968e67c530eaa9772e353aa4c456a8
Size

92KB
MD5

3e968e67c530eaa9772e353aa4c456a8
SHA1

cd4b06250138b6d3d2b9c9ed88b2fa636f7b943d
SHA256

2e629d0fe5aede545b272f9ea8dec4a46722ccc5bdc237a2bc3b4c0e0d387657
SHA512

108510eef1d56291653bd11cab15e475bf84891feb062de2971c0cd13e9be1cf33080d65245c12cf53d3bcf7f9fc7c884186d2e7385092aa9dfb1af53a99d55f
SSDEEP

1536:pAhvkBB2EDL2aeYEzMdLiSNcGSoBmy7jeVzTe/ssFe4m8:os+sL2aeDzMdmSNN7BmujCzTe/sId

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e968e67c530eaa9772e353aa4c456a8

Files

3e968e67c530eaa9772e353aa4c456a8
.exe windows:4 windows x86 arch:x86

70acabc625e3a22c1882892dcecf4845

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragShowNolock
ImageList_Write
ImageList_DrawEx

gdi32

GetBkMode
GetBkColor

user32

LoadKeyboardLayoutA
GetSystemMetrics
EnableScrollBar
IsWindow
SetFocus
IsRectEmpty
GetSystemMenu
GetWindowDC
DefFrameProcA
GetMenuItemID
PostMessageA
GetClientRect
GetForegroundWindow
IsZoomed
RegisterClipboardFormatA
GetClassInfoA
FrameRect
DispatchMessageA
SetActiveWindow
GetMessagePos
GetKeyState
GetKeyboardState
GetDC
GetClipboardData
ShowWindow
OpenClipboard
CreateWindowExA
GetWindow
IsIconic
SetScrollPos
LoadIconA
UpdateWindow
CharUpperA
DrawMenuBar
FindWindowA
RegisterClassA
GetSysColor
AdjustWindowRectEx
SendMessageA
IsWindowVisible
GetMenuItemInfoA
DrawIcon
GetKeyNameTextA
LoadBitmapA
GetWindowLongW
SetTimer
GetScrollPos
RegisterWindowMessageA
DestroyCursor
OpenIcon
GetMenu
GetWindowPlacement
IsMenu
ScrollWindow
DrawTextA
GetSubMenu
CreateIcon
SetWindowTextA
KillTimer
SetCursor
GetWindowRect
MoveWindow
WindowFromPoint

kernel32

DeleteCriticalSection
GetACP
GetTickCount
SetErrorMode
FreeLibrary
HeapDestroy
lstrcmpA
GlobalDeleteAtom
LoadLibraryA
LocalFree
FormatMessageA
ExitProcess
GetCommandLineA
CreateFileA
InitializeCriticalSection
GetCurrentThreadId
RaiseException
GetFullPathNameA
lstrlenW
VirtualAllocEx
GlobalAddAtomA
lstrcpynA
CreateThread

Exports

Exports

_lg2aKLPxnBhb

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.badata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70acabc625e3a22c1882892dcecf4845

Headers

File Characteristics

Imports

comctl32

gdi32

user32

kernel32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 47KB - Virtual size: 47KB

.edata Size: 4KB - Virtual size: 3KB

.badata Size: 512B - Virtual size: 336B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 47KB - Virtual size: 47KB

.edata
Size: 4KB - Virtual size: 3KB

.badata
Size: 512B - Virtual size: 336B

.rsrc
Size: 8KB - Virtual size: 8KB