50034f588c94b5bf12ba420c6e8efcc1

Sharing

Copy URL Twitter E-mail

General

Target

50034f588c94b5bf12ba420c6e8efcc1
Size

421KB
MD5

50034f588c94b5bf12ba420c6e8efcc1
SHA1

d77c99164c50c4bbea7290466a1c4ed00e063e3b
SHA256

1e11303ff7cf672c0c7a1743184258e6b29894e37c22f019e9e9664c7209ef9b
SHA512

156b42b77387f48f3c46b727be2cce7dbad230c5e6ca876f6febbb07777014e7c2ae2f1d7f01c929b163eac00b71a8eb64c574826435aade5b3e54033b0eb8ef
SSDEEP

12288:a1WNziYgjAV/XIbDoNAJwzGMy2ka0ONXdA1606:aCziYgs/4beIwzGtONK4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50034f588c94b5bf12ba420c6e8efcc1

Files

50034f588c94b5bf12ba420c6e8efcc1
.exe windows:4 windows x86 arch:x86

e7496c109cadeeeaab4d9649cf19d126

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetCurrentObject
GetGlyphOutlineW
GetMetaFileW
GetBkMode
CreateScalableFontResourceA
GetStretchBltMode
SetRectRgn
EnumEnhMetaFile
GetRandomRgn
EqualRgn
SetArcDirection
GetWorldTransform
GetPolyFillMode
DeleteMetaFile
GetColorSpace
PolylineTo
UpdateICMRegKeyA
SetTextColor
GetRegionData

kernel32

UnhandledExceptionFilter
GetThreadPriority
ExpungeConsoleCommandHistoryA
GetDiskFreeSpaceW
GlobalLock
SetTimeZoneInformation
GetCurrentThreadId
Sleep
FillConsoleOutputCharacterA
GetLastError
lstrlenW
LoadLibraryW
VirtualFree
GetModuleHandleA
TlsFree
RtlUnwind
ExitProcess
LoadModule
ReadFileScatter
GetVersionExA
CreateFileW
FoldStringW
WriteConsoleInputA
GetConsoleCommandHistoryLengthA
GetStartupInfoA
SetFileApisToOEM
GetVersion
CreateEventA
VirtualAlloc
GetConsoleAliasesLengthA

user32

DispatchMessageA
FillRect
GetClassInfoW
BroadcastSystemMessageA
CheckRadioButton
BroadcastSystemMessageW
DlgDirSelectComboBoxExA
CopyRect
GetActiveWindow
CreateDesktopW
DlgDirSelectExW
GetClipboardData
CloseWindowStation

ole32

GetHookInterface
OleDoAutoConvert
StgOpenStorageOnILockBytes
CoUnloadingWOW
CoTaskMemFree
OleCreate
CreatePointerMoniker
StgCreateDocfile
OleCreateLink
OleRegEnumVerbs
WriteClassStm
CoGetMalloc
OleCreateLinkFromData
OleIsRunning
ReleaseStgMedium

msvcrt

_setmaxstdio
cosh
_unloaddll
_adj_fdiv_m32
_ftol
iswctype
_sys_errlist
_acmdln
pow
_adj_fprem1
__p__wenviron
putwchar
cos
_filelengthi64
_cabs
ungetc
fgetws
__p___argv
_longjmpex
swscanf
vfwprintf
_wsplitpath
scanf
_wopen
iswpunct
_safe_fprem1
_wfullpath
time
_getmbcp
strspn
_wsystem
_wtempnam
_nextafter
_utime64
__p__fileinfo
__setlc_active
vswprintf
_flushall
_clearfp

Sections

.text
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qqzex
Size: 151KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sbhi
Size: 187KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lyk
Size: 75KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7496c109cadeeeaab4d9649cf19d126

Headers

File Characteristics

Imports

gdi32

kernel32

user32

ole32

msvcrt

Sections

.text Size: 8KB - Virtual size: 9KB

.qqzex Size: 151KB - Virtual size: 447KB

.sbhi Size: 187KB - Virtual size: 386KB

.lyk Size: 75KB - Virtual size: 127KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 9KB

.qqzex
Size: 151KB - Virtual size: 447KB

.sbhi
Size: 187KB - Virtual size: 386KB

.lyk
Size: 75KB - Virtual size: 127KB

.reloc
Size: 1024B - Virtual size: 1KB