58f3f029e592a7298935027d9beca028

Sharing

Copy URL Twitter E-mail

General

Target

58f3f029e592a7298935027d9beca028
Size

516KB
MD5

58f3f029e592a7298935027d9beca028
SHA1

fac05fa058a6768a702f61de84b6fd90a78806f2
SHA256

266619015cb7913d0b419ac295c75c8853904a235c4e26e4ba0030bdbcf49422
SHA512

5db25aedc47e9cc274ac8b9647e714f23d2ca47d2e8db67bda847124aff81ab121511460105b3ded40a81902ba9907de90fdbb58dc3be6d3f65e55e7dbbb9030
SSDEEP

12288:e/1jhHA8M52QL79u8QtZLuyBI2y6+a7TF+i+1XpXFJpAmb:Jn684nY9J3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58f3f029e592a7298935027d9beca028

Files

58f3f029e592a7298935027d9beca028
.exe windows:4 windows x86 arch:x86

b430cd30bb366d7c2a643de468d4405a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
GetEnvironmentStringsW
CreateMutexW
EnumResourceNamesW
GetCPInfo
FlushViewOfFile
HeapAlloc
SetConsoleCtrlHandler
InterlockedIncrement
GetTimeZoneInformation
IsValidLocale
TlsGetValue
DeleteFiber
GlobalDeleteAtom
TlsFree
InterlockedDecrement
Sleep
GetCurrentThread
GetDateFormatA
LocalFileTimeToFileTime
HeapDestroy
CompareStringW
GetEnvironmentStrings
DeleteCriticalSection
WriteProfileSectionA
GetLocaleInfoA
IsValidCodePage
GetCommandLineW
GetProcAddress
GlobalAlloc
GetCommandLineA
LeaveCriticalSection
lstrcpyn
CompareStringA
WriteConsoleInputW
GetLocaleInfoW
VirtualQuery
GetTimeFormatA
LCMapStringW
GetVersionExA
SleepEx
GetOEMCP
IsDebuggerPresent
GetACP
HeapReAlloc
GetStringTypeW
ExitProcess
SetConsoleMode
UnhandledExceptionFilter
VirtualAlloc
MultiByteToWideChar
QueryPerformanceCounter
GetCurrentProcess
GetStartupInfoW
GetModuleHandleA
FreeEnvironmentStringsA
GetProcessHeap
GetStartupInfoA
GetCurrentThreadId
HeapCreate
SetHandleCount
GetFileAttributesExA
FreeEnvironmentStringsW
WideCharToMultiByte
TlsAlloc
GetStdHandle
FindNextChangeNotification
SetComputerNameW
GetTickCount
GetLastError
WriteFile
EnumSystemLocalesA
HeapSize
GetUserDefaultLCID
RtlUnwind
EnterCriticalSection
GetSystemTimeAsFileTime
VirtualFree
GetStringTypeA
SetUnhandledExceptionFilter
LoadLibraryW
FreeLibrary
SetLastError
GetFileType
GetModuleFileNameW
HeapFree
TerminateProcess
LoadLibraryA
InterlockedExchangeAdd
LCMapStringA
TlsSetValue
SetConsoleActiveScreenBuffer
GetModuleFileNameA
InitializeCriticalSection
CreateDirectoryExA
SetEnvironmentVariableA
GetProcessHeaps
InterlockedExchange
GetCurrentProcessId
WritePrivateProfileSectionW

gdi32

ResetDCW
GdiPlayJournal
CheckColorsInGamut
SetMiterLimit
GetBitmapDimensionEx
SetAbortProc
GetPixel
GetClipBox
ExtEscape
DPtoLP
GetDCOrgEx

user32

DefWindowProcA
LoadImageA
CreateDialogParamW
CreateIconFromResource
GetListBoxInfo
DestroyCaret
CharUpperBuffA
AdjustWindowRect
CreateWindowExW
AttachThreadInput
GetClassInfoA
CharToOemBuffA
CheckMenuRadioItem
CharPrevW
EnumDisplaySettingsExW
IsDialogMessage
wsprintfA
GetClipboardViewer
MessageBoxW
VkKeyScanExA
ShowWindowAsync
SetMenuDefaultItem

comdlg32

GetSaveFileNameA
GetOpenFileNameW
GetFileTitleA
PageSetupDlgA
LoadAlterBitmap
GetFileTitleW
ReplaceTextA
ChooseFontW
ChooseColorW
FindTextW
GetOpenFileNameA

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b430cd30bb366d7c2a643de468d4405a

Headers

File Characteristics

Imports

kernel32

gdi32

user32

comdlg32

Sections

.text Size: 222KB - Virtual size: 222KB

.data Size: 280KB - Virtual size: 279KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 222KB - Virtual size: 222KB

.data
Size: 280KB - Virtual size: 279KB

.rsrc
Size: 12KB - Virtual size: 12KB