502f6b166ef1cc200270078ea9c891cb

Sharing

Copy URL Twitter E-mail

General

Target

502f6b166ef1cc200270078ea9c891cb
Size

121KB
MD5

502f6b166ef1cc200270078ea9c891cb
SHA1

8fc8a0e7897f92fdb8ab6a367986475da16f788c
SHA256

bdcf5cae7b48dcd9c51532e71bcca2b4e6855e44190f6325fc513b2bfb7c2ce9
SHA512

5720a39c2daa44e4d9bc0d29e8f4e6e3bd0b753d88383a29c7b99a41b9bad3cb894e3b7d704149a48255cacbf6861a19ce9ad1b71184493111289b42a55c4560
SSDEEP

1536:WYTFl5SpORZVLZme9jjQqj420/7KjkfaQqO7IL4PwGzSiJ5ZTWR/Q:BTFipO6e9jjQqjf0/7KjkfnIL4PThTKQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
502f6b166ef1cc200270078ea9c891cb

Files

502f6b166ef1cc200270078ea9c891cb
.exe windows:4 windows x86 arch:x86

a504feca518ade9fc4e7bc06f1b257f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetLocaleInfoW
LoadResource
InterlockedIncrement
CreateProcessW
TerminateProcess
LockResource
RaiseException
FreeEnvironmentStringsA
lstrcatW
HeapFree
WaitForMultipleObjects
GetTimeFormatA
GetLocaleInfoA
WriteFile
GlobalLock
IsValidCodePage
MultiByteToWideChar
GetCurrentDirectoryA
FindClose
CloseHandle
HeapDestroy
GetDriveTypeW
FileTimeToLocalFileTime
GetOEMCP
WideCharToMultiByte
CreateMutexW
TlsGetValue
CreateFileA
GetSystemTimeAsFileTime
FindNextFileW
lstrcpyW
PeekNamedPipe
WriteConsoleW
LCMapStringA
MulDiv
GetTickCount
FlushFileBuffers
HeapAlloc
SetFilePointer
InitializeCriticalSection
Sleep
SetEndOfFile
GlobalFree
lstrcmpW
GetStringTypeA
WaitForSingleObject
FindResourceW
GetLastError
HeapCreate
QueryPerformanceCounter
EnumSystemLocalesA
GetStdHandle
InterlockedDecrement
GetModuleHandleW
IsValidLocale
ExitProcess
CreateFileW
DeleteFileW
GetExitCodeProcess
WriteConsoleA
SetUnhandledExceptionFilter
VirtualFree
SetLastError
TerminateThread
UnhandledExceptionFilter
GlobalSize
lstrcpynW
GetSystemInfo
VirtualAlloc
GetProcAddress
LoadLibraryA
GetCurrentProcessId
GetCurrentThreadId
HeapSize
VirtualProtect
VirtualQuery
InterlockedExchange
RtlUnwind
IsBadWritePtr
LCMapStringW
HeapReAlloc
GetCPInfo
GetACP
GetStringTypeW
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetModuleFileNameA
GetCurrentProcess
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA

user32

ShowWindow
DrawEdge
IsClipboardFormatAvailable
GetMonitorInfoW
AppendMenuW
SetWindowLongA
ShowCaret
GetKeyboardState
IsChild
UpdateWindow
CallWindowProcW
GetScrollPos
DestroyWindow
GetClipboardData
IsWindow
GetActiveWindow
InsertMenuItemW
CharLowerW
EmptyClipboard
DefWindowProcW
SetScrollPos
FillRect
SetCaretPos
OpenClipboard
InsertMenuW
SetForegroundWindow
GetMenuState
GetKeyState
ScrollWindow
ModifyMenuW
GetMenuItemCount
EnableWindow
GetSystemMetrics
ShowScrollBar
GetMenu
DestroyCursor
SetFocus
MonitorFromWindow
CharUpperW
CreateDialogParamW
DrawTextW
EndDeferWindowPos
CheckMenuItem
IsDialogMessageA
CreateDialogIndirectParamW

comdlg32

GetFileTitleW
ChooseFontW
ChooseFontA
GetOpenFileNameA
PageSetupDlgW
GetOpenFileNameW
ReplaceTextW
GetSaveFileNameW
PageSetupDlgA
ReplaceTextA
ChooseColorW
ChooseColorA
FindTextA
FindTextW
GetSaveFileNameA
PrintDlgW

ole32

StgIsStorageILockBytes

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a504feca518ade9fc4e7bc06f1b257f3

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 82KB - Virtual size: 123KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 82KB - Virtual size: 123KB

.rsrc
Size: 4KB - Virtual size: 4KB