533499343af308ef46d82d4dae114d6e

Sharing

Copy URL Twitter E-mail

General

Target

533499343af308ef46d82d4dae114d6e
Size

176KB
MD5

533499343af308ef46d82d4dae114d6e
SHA1

a87f29e138766c21563358791061beb63135e1c9
SHA256

441a2d3a24627f76d6b0290865c3d6f760230d123d3f1987293170e3824cb7e1
SHA512

372174abb034d79a18169fae74e96f50dcb8781ea7afd73d5024a8c8f03e2e2a2e75db77771d91a9d0d88248a1d422fe99c61e5a9db8260a4b2be3b7ba18a74f
SSDEEP

3072:GbMhIJBF/sY6D2WmosNmgwBjJy+ECJ/+A:G4eJsY6Dfbs1wty+ECt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
533499343af308ef46d82d4dae114d6e

Files

533499343af308ef46d82d4dae114d6e
.exe windows:4 windows x86 arch:x86

ff9b7f6f12071c24518865563baefd21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamA
GetWindowTextA
CloseWindow
CopyRect
IsWindow
DrawIconEx
GetDlgItem
GetMenu
GetDC
DrawTextW
LoadCursorA
GetCursor
CalcMenuBar
AppendMenuW
DialogBoxParamW
AppendMenuA
DrawTextA
InsertMenuA
IsMenu
CopyIcon
BlockInput
CreateIcon
GetFocus

advapi32

RegDeleteValueA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyW
RegReplaceKeyW
RegOpenKeyExW
RegFlushKey
RegDeleteValueW
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueW
RegQueryValueW
RegEnumKeyExA
RegDeleteKeyW
RegEnumKeyExW
RegEnumKeyW
RegCreateKeyExW
RegOpenKeyA
RegCreateKeyExA
RegCreateKeyW
RegQueryValueA

kernel32

OpenFile
CreateThread
DeleteAtom
GetFileSize
FindFirstFileA
Sleep
DeleteFileA
GetCPInfo
GlobalFree
FindAtomA
DeleteFileW
GetStdHandle
ReadConsoleA
GetComputerNameA
CopyFileA
GetCommandLineA
GetFileTime
OpenFileMappingA
DeleteFileA
GlobalFree
WriteFile
DeleteFileW
OpenFile
GetCPInfo
DeleteAtom
GetFileTime
SetLastError
ReadConsoleA
CreateDirectoryA
CreateThread
FindFirstFileA
Sleep
FindAtomA
GetStdHandle
GetCommandLineA
GetFileSize
GetConsoleMode
CopyFileExW

comctl32

ImageList_Draw
ImageList_Replace
ImageList_GetDragImage
ImageList_Copy
ImageList_GetImageCount
ImageList_DrawEx
ImageList_Merge
ImageList_AddIcon
ImageList_Destroy
ImageList_DragLeave
ImageList_EndDrag
ImageList_GetIconSize
ImageList_LoadImage
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_DragEnter
ImageList_BeginDrag
ImageList_AddMasked
ImageList_LoadImageW
ImageList_GetIcon
InitCommonControls
ImageList_Remove
ImageList_GetImageRect
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
ImageList_Replace
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_GetImageCount
ImageList_LoadImage
ImageList_GetImageRect
ImageList_Copy
InitCommonControls
ImageList_DragMove
ImageList_DrawIndirect
ImageList_Remove
ImageList_GetDragImage
ImageList_GetIconSize

Sections

CODE
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qudaio
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZhCPNN
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdata
Size: 124KB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xjLchr
Size: 4KB - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qGPxpd
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TAnGPg
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wJXEZb
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff9b7f6f12071c24518865563baefd21

Headers

File Characteristics

Imports

user32

advapi32

kernel32

comctl32

Sections

CODE Size: 4KB - Virtual size: 2KB

.qudaio Size: 8KB - Virtual size: 4KB

.ydata Size: 8KB - Virtual size: 6KB

.ZhCPNN Size: 8KB - Virtual size: 6KB

.fdata Size: 124KB - Virtual size: 4.7MB

.xjLchr Size: 4KB - Virtual size: 66B

.qGPxpd Size: 4KB - Virtual size: 2KB

.TAnGPg Size: 8KB - Virtual size: 4KB

.wJXEZb Size: 4KB - Virtual size: 3KB

CODE
Size: 4KB - Virtual size: 2KB

.qudaio
Size: 8KB - Virtual size: 4KB

.ydata
Size: 8KB - Virtual size: 6KB

.ZhCPNN
Size: 8KB - Virtual size: 6KB

.fdata
Size: 124KB - Virtual size: 4.7MB

.xjLchr
Size: 4KB - Virtual size: 66B

.qGPxpd
Size: 4KB - Virtual size: 2KB

.TAnGPg
Size: 8KB - Virtual size: 4KB

.wJXEZb
Size: 4KB - Virtual size: 3KB