460986c13708be527d7eff6db55bd8c1

Sharing

Copy URL Twitter E-mail

General

Target

460986c13708be527d7eff6db55bd8c1
Size

84KB
MD5

460986c13708be527d7eff6db55bd8c1
SHA1

b2810234eaa551001f4c3f39ef3aee801afc10c7
SHA256

24a4a78b05d6c0ab1351703abe54df7685200c0a16a91823ba3cd1d2e21c7473
SHA512

dccd2736bf99c022e03236fc2e9585893d4b623b161e51889f9d4ed89b64f480a3e0658f31a652e51f1ed0415f216fc618af2d70bc09b3b137ce59121a083dd2
SSDEEP

1536:r5aTn69yL8I6aJHDB1FLVx4ofp2n3Tj4Wgj6dpXiGUMSTXaTZIfxK:G69ygdIt1JVx4CSjMMdMG6ulIg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
460986c13708be527d7eff6db55bd8c1

Files

460986c13708be527d7eff6db55bd8c1
.exe windows:4 windows x86 arch:x86

ca0f98b47d1c382a5ee51714b78f0d6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetPrivateProfileStringA
VirtualLock
GetFileInformationByHandle
PeekNamedPipe
GetVolumeInformationW
IsProcessorFeaturePresent
GetAtomNameA
GetFileAttributesA
ConnectNamedPipe
OpenFile
VirtualProtect
GetFullPathNameA
GetStringTypeExW
GetProcessHeap
EnumResourceNamesA
GetThreadPriority
SetProcessWorkingSetSize
GetDiskFreeSpaceW
GenerateConsoleCtrlEvent
GetComputerNameW
SystemTimeToFileTime
GetModuleHandleA
FindFirstFileA
ExitProcess

advapi32

RegEnumKeyExA
RegDeleteValueA
RegEnumKeyW
RegSaveKeyW
DuplicateToken
RegQueryInfoKeyW

user32

DeferWindowPos
CreateDialogParamW
GetClassInfoA
GetTabbedTextExtentW
SendNotifyMessageA
UnhookWindowsHook
SetUserObjectInformationW
GetCaretBlinkTime
GetMenuInfo
SetThreadDesktop
InvertRect
ExcludeUpdateRgn
TranslateAcceleratorA
DefFrameProcA
OpenWindowStationW
InvalidateRgn
PeekMessageA
DrawTextA
GetKeyboardLayoutNameA
CharLowerBuffA
DefFrameProcW
GetClientRect
CreateAcceleratorTableA
RemoveMenu
GetClipboardViewer
ToUnicode
CallWindowProcW
IsCharAlphaW
LoadMenuA
TileWindows
CreateMDIWindowW
ScrollDC
GetNextDlgGroupItem
WinHelpA
RedrawWindow

oleaut32

LoadTypeLi

comdlg32

ChooseColorA
ChooseFontW

ole32

OleGetIconOfClass
CoCreateInstanceEx
WriteClassStg
StgOpenStorage

msvcrt

_ultoa
fwrite
wcstombs
_access
isalnum
_wtoi
printf
fgetc
fflush
_mbctolower
_wctime
_ismbcspace
strncat
_mkdir
sprintf
signal
ceil
qsort
malloc
_cexit
isxdigit
wprintf
_ui64tow
_wchdir
tolower
wcstol
_wsplitpath
_flushall
_ismbcdigit
localeconv
_execlp
_mbstrlen
_strcmpi
bsearch
_wcsicoll
_wcslwr
strspn
wcscmp
_mbsnbicmp
_mbsnbcat
getenv
isleadbyte

Sections

.text
Size: 6KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca0f98b47d1c382a5ee51714b78f0d6c

Headers

File Characteristics

Imports

kernel32

advapi32

user32

oleaut32

comdlg32

ole32

msvcrt

Sections

.text Size: 6KB - Virtual size: 222KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 268KB - Virtual size: 268KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 6KB - Virtual size: 222KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 268KB - Virtual size: 268KB

.rsrc
Size: 16KB - Virtual size: 16KB