487ce4040083af811decf496a158a389

Sharing

Copy URL Twitter E-mail

General

Target

487ce4040083af811decf496a158a389
Size

564KB
MD5

487ce4040083af811decf496a158a389
SHA1

91d9f4eb12da93e767f455876e5d9ee48c49792d
SHA256

5607ea4035e3f9d946e7511160639bab618c8dfc5a941807d47ea56c883149a4
SHA512

a89595627cc61004db9dc2cca146623d8a8bbd9308c9724d107ad4c049be2eb2ab80f3c5e0fe9156608415f34dbfa5ef5049123cdcff3df743266c389dd6d036
SSDEEP

12288:eXSwwXHRQx1jBofwn1zGG9/qODYVDRHrUnaF6A68K7Ga6HD:LXHRQx1jBofwn1zd/UV9HrUnaF6Z8Kk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
487ce4040083af811decf496a158a389

Files

487ce4040083af811decf496a158a389
.exe windows:4 windows x86 arch:x86

35c7d0841775e34fc4ebe508dd7be8ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetForegroundWindow
SetClassLongW
OpenWindowStationA
IsWindowUnicode
CreateAcceleratorTableA
CallMsgFilter
IsDialogMessageW
SubtractRect
IsCharUpperW
MessageBoxW
DestroyWindow
GetWindowContextHelpId
CreateWindowExW
ShowWindow
MapDialogRect
CreateIconFromResource
WaitForInputIdle
RegisterClassA
GetInputState
RegisterClassExA
DefWindowProcA
SetKeyboardState
ChangeDisplaySettingsExW
UnhookWindowsHookEx
DestroyMenu
GetInputDesktop
VkKeyScanExW

kernel32

GetLocaleInfoA
MultiByteToWideChar
GetPrivateProfileStringW
FreeEnvironmentStringsA
GlobalLock
HeapFree
InterlockedExchange
IsValidCodePage
VirtualQueryEx
LoadLibraryA
GetCommandLineA
WriteFile
CreateMailslotW
GetTimeFormatA
GlobalFindAtomW
GetCurrentProcess
SetFilePointer
InitializeCriticalSection
TerminateProcess
SystemTimeToTzSpecificLocalTime
QueryPerformanceCounter
TlsGetValue
GetEnvironmentStringsW
GetLocaleInfoW
HeapCreate
VirtualQuery
EnterCriticalSection
GetACP
CreateMutexA
LockFileEx
LocalShrink
OpenMutexA
DuplicateHandle
GetStringTypeA
GetProcAddress
HeapAlloc
CompareStringA
LCMapStringA
GetUserDefaultLCID
HeapDestroy
GetFileType
SetEnvironmentVariableA
SetLocaleInfoA
WriteConsoleOutputW
SetStdHandle
ExpandEnvironmentStringsA
HeapValidate
GetStartupInfoA
VirtualFree
CompareStringW
GetDateFormatA
WideCharToMultiByte
TlsSetValue
ExitProcess
VirtualAlloc
DeleteCriticalSection
GetCurrentThreadId
RtlUnwind
FlushFileBuffers
HeapSize
GetTimeZoneInformation
GetEnvironmentStrings
IsBadWritePtr
GetStringTypeW
GetTickCount
VirtualProtect
GetOEMCP
GetCurrentThread
MapViewOfFileEx
GetModuleHandleA
GetCurrencyFormatW
GetCPInfo
TlsAlloc
UnhandledExceptionFilter
GetSystemInfo
FindNextChangeNotification
TlsFree
EnumSystemLocalesA
GetCurrentProcessId
GetCurrentDirectoryA
SetLastError
GetConsoleScreenBufferInfo
ReadFile
EnumResourceLanguagesA
SetComputerNameA
GetModuleFileNameA
GetSystemTimeAsFileTime
CloseHandle
HeapReAlloc
LCMapStringW
IsValidLocale
ConvertDefaultLocale
FreeEnvironmentStringsW
SetHandleCount
GetStdHandle
LeaveCriticalSection
GetLastError
GetVersionExA

comctl32

ImageList_Add
InitCommonControlsEx
GetEffectiveClientRect

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35c7d0841775e34fc4ebe508dd7be8ff

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 248KB - Virtual size: 247KB

.data Size: 112KB - Virtual size: 122KB

.rsrc Size: 44KB - Virtual size: 40KB

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 248KB - Virtual size: 247KB

.data
Size: 112KB - Virtual size: 122KB

.rsrc
Size: 44KB - Virtual size: 40KB