42faf97087f1cb83aeaa223182627310

Sharing

Copy URL

Twitter E-mail

General

Target

42faf97087f1cb83aeaa223182627310
Size

190KB
MD5

42faf97087f1cb83aeaa223182627310
SHA1

8af4ba53ce112879fd2f9946a5fda57ae1a2b94e
SHA256

5b2fa75833811eac7bbc92d7efe458bca43057d11e8c4e96abd3e78525e528b5
SHA512

7808be37d1a11afaa9348a4c0da1d1762681e57c4c88ee5101320ea4f2f0a9b8587405a499ae051d4282ce2807f6ece77640ec3868fe5c19a0cdbfb55a3181c8
SSDEEP

3072:9cLEi/olJFpShcqvudGcflU0f37DfnTZnVQ1YE4LAmj5AjQTAnPwVdMsEyG470qe:+p/olfpShQdXiIPnTZnVQ1sj5Afn3sSx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42faf97087f1cb83aeaa223182627310

Files

42faf97087f1cb83aeaa223182627310
.exe windows:4 windows x86 arch:x86

de5288750a52c76b8852399e22ef7e4b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathIsUNCW
PathFileExistsW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathAppendW

gdi32

GetTextColor
ExtTextOutW
Escape
PtVisible
GetStockObject
DeleteDC
GetMapMode
OffsetViewportOrgEx
ScaleViewportExtEx
SetViewportOrgEx
RectVisible
SelectObject
TextOutW
SetWindowExtEx
GetBkColor
ScaleWindowExtEx
ExtSelectClipRgn
GetDeviceCaps
GetRgnBox

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

user32

CopyAcceleratorTableW
CharNextW
MessageBeep
CreateWindowExW
SetRect
CharUpperW
RemovePropW
InvalidateRgn
SetPropW
GetClassLongW
GetPropW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetClassInfoExW
InvalidateRect
GetNextDlgTabItem
IsRectEmpty
GetNextDlgGroupItem
DestroyMenu

kernel32

ReadFile
ConvertDefaultLocale
GetCalendarInfoW
EnumResourceLanguagesW
CreateFileW
GetCurrentDirectoryW
GetLocaleInfoW
lstrcpyW
GetFileAttributesW
WideCharToMultiByte
MoveFileW
MultiByteToWideChar
FindNextFileW
GetSystemDefaultLangID
LocalFileTimeToFileTime
FindClose
EnumResourceNamesA
FindFirstFileW
GetModuleFileNameW
CreateDirectoryW
DeleteFileW
GetVersion
SystemTimeToFileTime
ExitProcess
SetFilePointer
GetCurrentProcessId
SetFileTime
LoadLibraryW
InterlockedDecrement
WriteFile
RemoveDirectoryW
GetProcAddress

ole32

OleUninitialize
CoTaskMemFree
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance
CLSIDFromProgID
CoRetireServer
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRevokeClassObject
OleInitialize
OleIsCurrentClipboard
CoRegisterMessageFilter
CoUninitialize
CoGetClassObject
CoTaskMemAlloc
OleFlushClipboard
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueW
RegSetValueExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueExW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de5288750a52c76b8852399e22ef7e4b

Headers

File Characteristics

Imports

shlwapi

gdi32

shell32

user32

kernel32

ole32

oleacc

advapi32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 76KB - Virtual size: 76KB

.edata Size: 1024B - Virtual size: 112KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 76KB - Virtual size: 76KB

.edata
Size: 1024B - Virtual size: 112KB