43479275795ea881943376ed8ab19877

Sharing

Copy URL Twitter E-mail

General

Target

43479275795ea881943376ed8ab19877
Size

330KB
MD5

43479275795ea881943376ed8ab19877
SHA1

db333d409324844228747e174c0b75d2b1321c6e
SHA256

53636f455002241f9ff6f86bb9c7149f7208aa61fe2ec83559c54b61e854a201
SHA512

565dd0e058533475215e5d97b9e23e766c314aa8928ea1c793eea4580286d8b444b029e0ee6506609786a03b56e2f4ac524deeb1c39d29e9254d287836e8e568
SSDEEP

6144:6o2eoiaM9WibxgNwyaW8dC89LMfwHHoA2CinLhJS9vMb:6o2e7apiIdT8d99ZoqinUEb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43479275795ea881943376ed8ab19877

Files

43479275795ea881943376ed8ab19877
.exe windows:4 windows x86 arch:x86

15bc5f417ebb4be47f58a6c7a4a74de7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
PageSetupDlgA
LoadAlterBitmap
ChooseColorA

user32

SetClassLongW
RegisterClassA
GetMenuItemRect
LoadAcceleratorsA
LoadBitmapW
SetUserObjectSecurity
CallMsgFilterW
RegisterClassExA
CharPrevA
LookupIconIdFromDirectoryEx
DispatchMessageW
DestroyMenu
CreateDialogIndirectParamA

kernel32

GetCurrentProcessId
GetLocaleInfoW
GlobalFindAtomA
OpenMutexA
EnterCriticalSection
EnumResourceNamesW
TlsGetValue
GetTickCount
WriteConsoleA
HeapFree
CompareStringA
SetEnvironmentVariableA
InterlockedDecrement
InterlockedIncrement
OutputDebugStringW
VirtualQuery
HeapCreate
GetACP
LoadLibraryA
WriteConsoleW
TransactNamedPipe
CopyFileExA
ReadConsoleOutputAttribute
EnumSystemLocalesA
WriteConsoleOutputAttribute
GetModuleFileNameA
GetStringTypeW
SetConsoleCtrlHandler
WaitNamedPipeW
GlobalReAlloc
CompareStringW
GetLocaleInfoA
FreeLibrary
GetCurrentProcess
GetProcessAffinityMask
OpenSemaphoreW
GetVersionExA
RtlUnwind
GetModuleHandleA
GetProcAddress
CreateFileA
ReadFile
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
IsValidCodePage
GetOEMCP
InterlockedExchange
lstrcmpiW
GetEnvironmentStringsW
GetStartupInfoW
GetConsoleMode
GetCommandLineW
GetEnvironmentStringsA
WriteFile
MoveFileA
HeapValidate
CreateMutexA
GetTimeZoneInformation
HeapDestroy
TlsFree
GetFileAttributesExW
GetStartupInfoA
ExitProcess
SetVolumeLabelA
GetDateFormatA
InitializeCriticalSection
SetFilePointer
GetCurrentThreadId
GetTimeFormatA
CloseHandle
ExitThread
GetEnvironmentStrings
HeapSize
SetHandleCount
HeapReAlloc
GetStdHandle
FreeEnvironmentStringsA
GetPrivateProfileSectionNamesW
IsDebuggerPresent
IsValidLocale
GetCPInfo
VirtualFreeEx
GetUserDefaultLCID
Sleep
TlsAlloc
FlushFileBuffers
GetStringTypeA
GetConsoleCP
UnhandledExceptionFilter
DeleteCriticalSection
VirtualAlloc
LCMapStringW
OpenSemaphoreA
GetConsoleOutputCP
GetSystemTimeAsFileTime
LCMapStringA
SetLastError
TerminateProcess
SetUnhandledExceptionFilter
GetCommandLineA
TlsSetValue
GetModuleFileNameW
GetProcessHeap
LeaveCriticalSection
MultiByteToWideChar
SetStdHandle
GetEnvironmentVariableW
HeapAlloc
VirtualFree
QueryPerformanceCounter
GetFileType
GetCurrentThread

wininet

InternetCreateUrlA
SetUrlCacheEntryInfoA
FtpCommandW
DeleteUrlCacheEntryA
InternetGetConnectedStateExA
RetrieveUrlCacheEntryFileW
IsUrlCacheEntryExpiredW

comctl32

InitCommonControlsEx

gdi32

PolyDraw
PaintRgn

shell32

SheGetDirA

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15bc5f417ebb4be47f58a6c7a4a74de7

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

wininet

comctl32

gdi32

shell32

Sections

.text Size: 142KB - Virtual size: 141KB

.rdata Size: 10KB - Virtual size: 17KB

.data Size: 174KB - Virtual size: 173KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 142KB - Virtual size: 141KB

.rdata
Size: 10KB - Virtual size: 17KB

.data
Size: 174KB - Virtual size: 173KB

.rsrc
Size: 2KB - Virtual size: 2KB