41c2b67f1edd3bb94da493d2243b9cc6

Sharing

Copy URL Twitter E-mail

General

Target

41c2b67f1edd3bb94da493d2243b9cc6
Size

22KB
MD5

41c2b67f1edd3bb94da493d2243b9cc6
SHA1

e788d555cfbf92d3f499eddc2aa4acbbed1c3a3d
SHA256

9f3cd56ee637a1a2305243843a0f37d578793e616ee593c104533bd1d4e6896a
SHA512

15e47b0100e49d3526469dc42cf818d392e9e2ea8eba004b2bf59435a1a6de66ec01d5ad626c847da50c4ba4fad0e76035de3be3a724c782b39a455d4ca2e78d
SSDEEP

384:/sHwtLHcytPnHvwLaT2i8ChbMHFmD0FIJtHDt/o8mLpzqK65eZXtBAGvYPCPKlZu:/KwtLcQ/4LK2i8OJD0FIJ1DtELpzqd09

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41c2b67f1edd3bb94da493d2243b9cc6

Files

41c2b67f1edd3bb94da493d2243b9cc6
.exe windows:4 windows x86 arch:x86

a8407a21cf9c522e57ff70b4a5282d69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError

advapi32

RegSetValueW
RegSetValueExA
RegOpenKeyW
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExW
RegSetValueExW
RegCreateKeyA
RegCreateKeyW
RegCloseKey
RegEnumKeyW
RegQueryValueW
RegOpenKeyExW
RegQueryValueExA
RegNotifyChangeKeyValue
RegEnumValueW
RegDeleteKeyA
RegCreateKeyExW
RegDeleteKeyW

shell32

Shell_NotifyIconW
SHGetFileInfoW
ExtractIconW
ShellExecuteW

comdlg32

GetFileTitleW

comctl32

GetEffectiveClientRect

user32

LoadBitmapW
GetSystemMetrics
EnableMenuItem
DrawTextW
GetSubMenu
GetWindowDC
GetSysColorBrush
CheckMenuItem
ShowWindow
InsertMenuW
ModifyMenuW
FillRect
SetWindowsHookExW
PtInRect
SetActiveWindow

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

HeapReAlloc
GetStringTypeExW
GetFileAttributesA
CopyFileW
LeaveCriticalSection
HeapFree
CreateProcessW
GetModuleFileNameW
LoadLibraryA
FindNextFileW
lstrlenW
LockResource
GetFileAttributesW
GetProcessHeap
EnterCriticalSection
GlobalLock
GetFullPathNameW
LockFile
TerminateProcess
lstrlenA
FlushFileBuffers
GlobalAlloc
FindResourceW
TlsGetValue
DuplicateHandle
GetSystemInfo
GlobalFree
MoveFileW
GetThreadLocale
MulDiv
LoadResource
SizeofResource
lstrcpyA
LocalAlloc
DeleteFileW
Sleep
GetVolumeInformationW
GetShortPathNameW
CreateFileW
ResetEvent
FindFirstFileW
CreateEventW
VirtualAlloc
SetFilePointer
WriteFile
SetLastError
SetEndOfFile
GlobalUnlock
WaitForSingleObject
HeapAlloc
GetLastError
CloseHandle
lstrcmpiW
UnlockFile
GetFileSize
FormatMessageW
GetCurrentProcessId
WideCharToMultiByte
FindClose
GetCurrentProcess
GetVersionExW
ReadFile
GlobalReAlloc

shlwapi

PathIsUNCW
PathFindFileNameW

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

Sections

.data
Size: 2KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a8407a21cf9c522e57ff70b4a5282d69

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

advapi32

shell32

comdlg32

comctl32

user32

version

kernel32

shlwapi

oleacc

Sections

.data Size: 2KB - Virtual size: 80KB

.reloc Size: 512B - Virtual size: 24B

.text Size: 512B - Virtual size: 484B

.rsrc Size: 9KB - Virtual size: 8KB

.rdata Size: 8KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 80KB

.reloc
Size: 512B - Virtual size: 24B

.text
Size: 512B - Virtual size: 484B

.rsrc
Size: 9KB - Virtual size: 8KB

.rdata
Size: 8KB - Virtual size: 8KB