42b1c95706127adaac3b0d768fea4d31

Sharing

Copy URL Twitter E-mail

General

Target

42b1c95706127adaac3b0d768fea4d31
Size

39KB
MD5

42b1c95706127adaac3b0d768fea4d31
SHA1

e677466e2d8bab54a0b3aab9fe046b79b39c990c
SHA256

2be1068d4151010f2bfe359114811b1c035c50c9104b108f0841ea3a1976ce7d
SHA512

24e96ebb4f27289053bddbc5f98a04e306114812106bc1c7c8697d90e4f1d3ddb19a055826eb8827afa71d44256a4f3798218e99cae4436b2c476c3e3148f3a1
SSDEEP

768:pdAvM2ZWBF67x4Itu7nQBCoYxFUKGvpK3YC8LnSI1:pvg6kHtAnQBNYrPGvpK3v4nSI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42b1c95706127adaac3b0d768fea4d31

Files

42b1c95706127adaac3b0d768fea4d31
.exe windows:4 windows x86 arch:x86

327704ea7d5292c3547f102380289d2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateCaret
DlgDirListA
DrawFocusRect
GetDlgItemTextA
DialogBoxParamA
CharUpperBuffW
DrawTextExA
GetClipboardViewer
FillRect
EnumWindowStationsW
DdeCreateDataHandle
DdeSetQualityOfService
ChildWindowFromPointEx
CascadeChildWindows
DlgDirSelectExW
DestroyCaret
ChangeClipboardChain
ChangeMenuA
GetClipboardFormatNameA
EndPaint

gdi32

PlayEnhMetaFile
GetWorldTransform
GetMapMode
RectVisible
SetMapperFlags
CreateEllipticRgnIndirect
GetTextMetricsA
EnumFontFamiliesExW
GetKerningPairsA
SetViewportExtEx
AngleArc
PaintRgn
SetMetaRgn
GdiFlush
CreatePalette
GetCharABCWidthsA
SetBkMode

msvcrt

_execv
fabs
localeconv
_adj_fptan
fputws
gets
_wrename
putwchar
_wremove
_adj_fdiv_r
swscanf
_dstbias
wcstoul
isalnum
_ismbclower
_wexecve
mbtowc
toupper
_beep
_wspawnlpe
_wspawnle
_msize
towupper
_CItanh
wcscat
_wspawnvp

shell32

DoEnvironmentSubstA

kernel32

VirtualAlloc
GetModuleHandleA
OutputDebugStringW
GetQueuedCompletionStatus
lstrcmpW
GetLocalTime
ExitProcess
LocalCompact
EnumSystemCodePagesW
Beep
VirtualProtect
SetConsoleWindowInfo
GetNamedPipeInfo
GetProcessTimes
CreateWaitableTimerW
GetConsoleKeyboardLayoutNameW
Sleep
GetEnvironmentVariableW
GetCurrentProcessId
VirtualFree
TryEnterCriticalSection
SetLastError
UnhandledExceptionFilter
DefineDosDeviceW
UnlockFileEx
InterlockedIncrement
VirtualLock
TerminateThread
GetThreadPriorityBoost
GetPrivateProfileSectionW
GetCPInfoExA
LocalShrink
GetFileAttributesExW
SystemTimeToFileTime
ExpandEnvironmentStringsA
lstrlenW
FindNextFileA
WriteProfileStringW
DeleteFileA
GetLongPathNameW
VirtualFree
EnumSystemLocalesW
GetStartupInfoA
GetLogicalDriveStringsA
UpdateResourceA
FindResourceW

Sections

.text
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.fzit
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbln
Size: 10KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dimd
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

327704ea7d5292c3547f102380289d2d

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

msvcrt

shell32

kernel32

Sections

.text Size: 5KB - Virtual size: 6KB

.fzit Size: 10KB - Virtual size: 15KB

.bbln Size: 10KB - Virtual size: 14KB

.dimd Size: 12KB - Virtual size: 22KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 6KB

.fzit
Size: 10KB - Virtual size: 15KB

.bbln
Size: 10KB - Virtual size: 14KB

.dimd
Size: 12KB - Virtual size: 22KB

.reloc
Size: 1024B - Virtual size: 1KB