590726bb43252f729940d761757be22d

Sharing

Copy URL Twitter E-mail

General

Target

590726bb43252f729940d761757be22d
Size

312KB
MD5

590726bb43252f729940d761757be22d
SHA1

3a5e335e618cd16a225bdaa801e221c7777efe82
SHA256

71a07c49b0e849a012a3faf8ee8f0ff88e3f20a7922ef550d1fbefbf1585bc2c
SHA512

e932f18f3277aefd35996c5561c41e8f7b71d29502a8d8ccad2e8ad16a5512746a3d362e27b9ce3185222e9ea99178c5048c79497e6952cde8d6cf0d726c015a
SSDEEP

6144:dKrqV4rw1EmijhpgBHGUbmppbTeziRH1AVYaupauqIE3I:+qV4I30hQHGUbmptTYoH1AspVqIE3I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
590726bb43252f729940d761757be22d

Files

590726bb43252f729940d761757be22d
.exe windows:4 windows x86 arch:x86

63e67078ecfa9664f7c28d9327b3c5ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileA
SHGetFolderPathA
SHGetDiskFreeSpaceA
SHFileOperationA
SHGetFileInfoA

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

comctl32

ImageList_Add

ole32

ReleaseStgMedium
StgOpenStorage
CoGetMalloc
MkParseDisplayName
CLSIDFromString
GetHGlobalFromStream
CLSIDFromProgID
CoGetContextToken
CoCreateFreeThreadedMarshaler

kernel32

IsBadReadPtr
GlobalAlloc
GetVersionExA
ExitThread
ExitProcess
LoadLibraryA
lstrlenA
GetProcAddress
GetModuleHandleA
GetACP
VirtualAllocEx
LocalAlloc

gdi32

CopyEnhMetaFileA
GetPixel
GetDIBColorTable
GetBitmapBits
SaveDC
CreateCompatibleBitmap
RestoreDC
CreateBrushIndirect
CreateDIBSection
GetPaletteEntries
GetDCOrgEx
CreateCompatibleDC
CreateBitmap
GetClipBox
GetCurrentPositionEx
GetDIBits
SetPixel
SetTextColor
GetObjectA
BitBlt
SelectPalette
CreateDIBitmap
CreateFontIndirectA
SetBkColor
CreatePenIndirect
LineTo
SetBkMode
GetRgnBox
SelectObject
CreatePalette

shlwapi

SHQueryInfoKeyA
SHGetValueA
PathFileExistsA
SHSetValueA
SHDeleteValueA
PathIsDirectoryA
PathIsContentTypeA
SHDeleteKeyA

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res9
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res8
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res7
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res4
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63e67078ecfa9664f7c28d9327b3c5ec

Headers

File Characteristics

Imports

shell32

comdlg32

comctl32

ole32

kernel32

gdi32

shlwapi

Sections

.text Size: 56KB - Virtual size: 56KB

DATA Size: 1024B - Virtual size: 682B

.res9 Size: 233KB - Virtual size: 232KB

.res3 Size: 1KB - Virtual size: 1KB

.res8 Size: 14KB - Virtual size: 14KB

.res7 Size: 512B - Virtual size: 264B

.res4 Size: 3KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 56KB - Virtual size: 56KB

DATA
Size: 1024B - Virtual size: 682B

.res9
Size: 233KB - Virtual size: 232KB

.res3
Size: 1KB - Virtual size: 1KB

.res8
Size: 14KB - Virtual size: 14KB

.res7
Size: 512B - Virtual size: 264B

.res4
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 1024B