592701ef0c31872043ab71de4e178d3c

Sharing

Copy URL Twitter E-mail

General

Target

592701ef0c31872043ab71de4e178d3c
Size

454KB
MD5

592701ef0c31872043ab71de4e178d3c
SHA1

9618ca1aa0e3340b7f1da546d9b1873844a2a856
SHA256

685b9d69b687f53ff26751675981cffb5bc6f39a497411a368c513f26f9397a9
SHA512

fd8dd10c90a38247a7fe17f6d9fc088cda35e5b9ef7a33f53a9e4a0925c94cb77b762c51b0313ce35a9370854ab362064c3cd1fea09f5f1a2fd561ea79c78013
SSDEEP

12288:CSgst85WmCpqCvHcgd+TNPNY8+uWodmabem+fdOS/Z:Zgst85I2Fgoby

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
592701ef0c31872043ab71de4e178d3c

Files

592701ef0c31872043ab71de4e178d3c
.exe windows:4 windows x86 arch:x86

d1fc1f715fdf2758b663b211cbf06d53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueW
RegReplaceKeyA

gdi32

GetCharWidthFloatA

shell32

SHQueryRecycleBinA
ShellAboutW
DoEnvironmentSubstW

user32

GetMenuState
CreateWindowExA
LoadIconA
GetPriorityClipboardFormat
GetClipboardFormatNameA
DdeAbandonTransaction
GetInputDesktop
GetClassWord
GetWindowContextHelpId
DrawStateA
PostQuitMessage
IsCharAlphaNumericA
GetWindowInfo
EnableScrollBar
GetUserObjectInformationA
SetShellWindow
ShowWindow
SetMenuItemInfoW
SetMenuItemInfoA
OpenIcon
DefFrameProcW

kernel32

LCMapStringW
LeaveCriticalSection
InitializeCriticalSection
IsValidLocale
TlsSetValue
SetLastError
GetFileType
GetVersionExA
LCMapStringA
GetModuleHandleA
GetTickCount
GetDateFormatA
HeapSize
CompareStringA
GetTimeFormatA
GetProcAddress
GetStringTypeW
GetEnvironmentStringsW
FindFirstFileW
EnterCriticalSection
SetHandleCount
LoadLibraryA
GetStartupInfoW
HeapCreate
GetUserDefaultLCID
GetCurrentThreadId
CompareStringW
TlsAlloc
GetCurrentProcessId
GetLocaleInfoW
UnhandledExceptionFilter
VirtualFree
GetEnvironmentStrings
GetCurrentProcess
GetSystemInfo
OpenSemaphoreA
RtlUnwind
GetCurrentThread
TerminateProcess
HeapAlloc
GetCPInfo
GetModuleFileNameW
VirtualAlloc
FreeEnvironmentStringsW
GetOEMCP
FreeEnvironmentStringsA
TlsGetValue
VirtualProtect
GetStdHandle
GetACP
GetStringTypeA
GetLastError
InterlockedExchange
GetTimeZoneInformation
HeapReAlloc
GetModuleFileNameA
EnumSystemLocalesA
GetSystemTimeAsFileTime
WriteFile
VirtualQuery
MultiByteToWideChar
GetStartupInfoA
GetVersion
DeleteCriticalSection
GetCommandLineW
SetEnvironmentVariableA
HeapDestroy
GetCommandLineA
QueryPerformanceCounter
ExitProcess
WideCharToMultiByte
IsBadWritePtr
GetLocaleInfoA
HeapFree
IsValidCodePage
TlsFree

comdlg32

ChooseColorW
ReplaceTextA
GetSaveFileNameW
ReplaceTextW
FindTextW
GetOpenFileNameA
PrintDlgW
ChooseColorA
GetSaveFileNameA

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1fc1f715fdf2758b663b211cbf06d53

Headers

File Characteristics

Imports

advapi32

gdi32

shell32

user32

kernel32

comdlg32

Sections

.text Size: 166KB - Virtual size: 165KB

.data Size: 274KB - Virtual size: 274KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 166KB - Virtual size: 165KB

.data
Size: 274KB - Virtual size: 274KB

.rsrc
Size: 12KB - Virtual size: 12KB