580a9747bf021877bcf893b573dfed23

Sharing

Copy URL Twitter E-mail

General

Target

580a9747bf021877bcf893b573dfed23
Size

173KB
MD5

580a9747bf021877bcf893b573dfed23
SHA1

bfb6bc866e23a17f9f310b77ae531716c1837ab5
SHA256

73e7172ccca6b24fd3addb6b85e1c2a463385ba6f938a390a006fea93add49bd
SHA512

ab3ff8cf56f5d5c66280aaee65d5a79279ce506214909556bc34077d7aece70eadd2097a21b9af077635c2de0e20829af2c422b468cfaa04cdc0f07dd5f4fe92
SSDEEP

3072:oiFUkyRi0M1JESP0I+5FilvdUPypi/VAPlm0GKSwkG:oiQi3xPfochOPXGtm+R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
580a9747bf021877bcf893b573dfed23

Files

580a9747bf021877bcf893b573dfed23
.exe windows:4 windows x86 arch:x86

6206405733b3e114f7d2997df4ef035e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
GetSaveFileNameA
FindTextA
GetFileTitleA
ChooseColorA

user32

DestroyWindow
DrawAnimatedRects
CloseClipboard
SetActiveWindow
GetSysColor
GetMenuItemID
EqualRect
GetWindowLongA
MsgWaitForMultipleObjects
EnumChildWindows
UnhookWindowsHookEx
GetMenuItemInfoA
PostQuitMessage
GetFocus
SetWindowPlacement
OemToCharA
GetClassInfoA
DrawFrameControl
SetPropA
GetActiveWindow
DestroyCursor
SetCapture
RemovePropA
IsWindowUnicode
ActivateKeyboardLayout
EnumWindows
OffsetRect
IsRectEmpty
SetCursor
IsZoomed
SetClipboardData
RegisterClassA

shlwapi

SHQueryInfoKeyA
SHEnumValueA
SHDeleteKeyA
SHGetValueA
PathGetCharTypeA
SHStrDupA

msvcrt

fabs
strlen
strcmp
sqrt
memcpy
rand
pow

shell32

SHGetFolderPathA
SHGetDiskFreeSpaceA

advapi32

RegCreateKeyA
RegQueryValueExA
RegEnumValueA

kernel32

Sleep
LoadResource
GetProcessHeap
GlobalAlloc
GetDiskFreeSpaceA
ReadFile
VirtualAlloc
SetErrorMode
GetModuleHandleA
GetOEMCP
MoveFileExA
WriteFile
GetFileType
GetEnvironmentStrings
GetStringTypeW
LoadLibraryA
GetLocaleInfoA
ResetEvent
LocalFree
LoadLibraryExA
MoveFileA
GetThreadLocale
ExitProcess
EnumCalendarInfoA
HeapDestroy
GetDateFormatA
GetStringTypeA
lstrcpyA
HeapAlloc
SetThreadLocale
LocalAlloc
GetFileSize
GetCPInfo
EnterCriticalSection
lstrlenA
GetFullPathNameA
GlobalFindAtomA
InitializeCriticalSection
FreeLibrary
GlobalAddAtomA
ExitThread
GetStdHandle
GetTickCount
LocalReAlloc
RaiseException
FindClose
VirtualAllocEx

comctl32

ImageList_Create
ImageList_GetBkColor
ImageList_Remove
ImageList_Write
ImageList_Add
ImageList_Read
ImageList_DrawEx

version

GetFileVersionInfoA

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 637B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 141KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 625B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6206405733b3e114f7d2997df4ef035e

Headers

File Characteristics

Imports

comdlg32

user32

shlwapi

msvcrt

shell32

advapi32

kernel32

comctl32

version

Sections

.text Size: 29KB - Virtual size: 28KB

.idata Size: 1024B - Virtual size: 637B

.edata Size: 141KB - Virtual size: 188KB

.data Size: 1024B - Virtual size: 625B

.text
Size: 29KB - Virtual size: 28KB

.idata
Size: 1024B - Virtual size: 637B

.edata
Size: 141KB - Virtual size: 188KB

.data
Size: 1024B - Virtual size: 625B