594b2f97d7057d2eb59e96180cb10f3c

Sharing

Copy URL Twitter E-mail

General

Target

594b2f97d7057d2eb59e96180cb10f3c
Size

500KB
MD5

594b2f97d7057d2eb59e96180cb10f3c
SHA1

3079be5f3d1ac5b6d987c55761b36907e718fa41
SHA256

e97f3915d675ea93ed7bd2d8c14cd378d6b74b38183e02ae77a47b6dc7f0f1d2
SHA512

27e2096441e60c44da1a8a9de1dfe781cd917e0cac770d8b1bec3cfe92bef5aaf329005beaba6c8e680a46a278e007c3765fc288b1b3d140f06b7fac0d73fe88
SSDEEP

6144:9oOYLDm30UDPnBC8/dc7Nv+dbKAzclXd3DTTWC/acjXrXC4Q5n5LZrq9K08FE5Nt:O/HmDPd/dymKscHJNHVwnyQR9zh9OTw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
594b2f97d7057d2eb59e96180cb10f3c

Files

594b2f97d7057d2eb59e96180cb10f3c
.exe windows:4 windows x86 arch:x86

86f248e0b443747e04159cf3af3ee601

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shell32

SHGetFileInfoA
SHAddToRecentDocs
SHGetFileInfoW
ExtractAssociatedIconExW
SHGetNewLinkInfo

comdlg32

PageSetupDlgA
PrintDlgA
ChooseColorA

user32

WindowFromPoint
CreateAcceleratorTableW
DispatchMessageW
SetCaretBlinkTime
CascadeWindows
RegisterClassA
IsChild
LoadMenuW
RegisterClassExA
FindWindowExW
SetWindowTextW
SetLastErrorEx
GetWindowInfo
InternalGetWindowText
CopyRect
OpenWindowStationA
BroadcastSystemMessage
GetClassInfoExA
RealGetWindowClass
SendDlgItemMessageA

advapi32

CryptSetProvParam
RegConnectRegistryW
RegEnumKeyExW
LookupPrivilegeNameW
RegOpenKeyA
RegEnumValueW
CryptDeriveKey
LookupPrivilegeDisplayNameW
RevertToSelf
RegSetValueW
RegSetKeySecurity
GetUserNameW
RegOpenKeyExW
CryptEnumProvidersA
DuplicateTokenEx
CryptVerifySignatureA
LookupPrivilegeValueW
LookupAccountSidA
CryptGetUserKey
GetUserNameA

gdi32

CreateCompatibleDC
GetGraphicsMode
DeleteDC
CreateMetaFileW
SetWorldTransform
CreateRectRgn
ChoosePixelFormat
CreateDCA
AbortPath
EnumFontFamiliesA
GetEnhMetaFileDescriptionA
GetEnhMetaFileBits
PlayEnhMetaFile
GetDeviceCaps

kernel32

EnumSystemLocalesA
GlobalAddAtomW
LoadLibraryA
GetStringTypeW
LCMapStringW
GetUserDefaultLCID
GetStartupInfoW
MultiByteToWideChar
SetStdHandle
GetEnvironmentStringsW
GetTickCount
GetStartupInfoA
GetMailslotInfo
GetDateFormatA
GetCurrentProcess
GetCPInfo
DeleteCriticalSection
GetTimeZoneInformation
LCMapStringA
HeapSize
ReadConsoleW
SetHandleCount
CompareStringA
CloseHandle
InitializeCriticalSectionAndSpinCount
OpenMutexA
HeapReAlloc
SetEnvironmentVariableA
WriteFile
IsValidCodePage
CreateEventA
CreateFileA
GetCompressedFileSizeA
TlsFree
ExitProcess
HeapCreate
IsDebuggerPresent
CreateNamedPipeA
GetCurrentThreadId
GetModuleFileNameW
InterlockedIncrement
EnterCriticalSection
VirtualFree
SetEndOfFile
GetCommandLineW
FreeEnvironmentStringsW
HeapAlloc
GetConsoleMode
ReadFile
TerminateProcess
GetModuleHandleW
VirtualAlloc
TlsGetValue
OpenEventA
HeapFree
WriteConsoleW
InterlockedExchange
TlsAlloc
IsValidLocale
WriteConsoleA
GetLastError
GetConsoleOutputCP
GetPrivateProfileStructA
UnhandledExceptionFilter
GetModuleHandleA
GetStdHandle
GetModuleFileNameA
SetThreadLocale
GetStringTypeA
InterlockedDecrement
GetTimeFormatA
GetLocaleInfoW
GetACP
Sleep
SetUnhandledExceptionFilter
HeapDestroy
WideCharToMultiByte
GetConsoleCP
GetCommandLineA
RtlUnwind
SetLastError
FlushFileBuffers
GetCurrentProcessId
GetFileType
GetOEMCP
FreeLibrary
GetSystemTimeAsFileTime
GetProcAddress
VirtualQuery
VirtualUnlock
GetVolumeInformationW
LeaveCriticalSection
TlsSetValue
GetLocaleInfoA
SetFilePointer
SetConsoleCtrlHandler
QueryPerformanceCounter
CompareStringW
LocalFlags
WriteConsoleOutputCharacterW
CreateMutexA
GetCurrentThread

Sections

.text
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86f248e0b443747e04159cf3af3ee601

Headers

File Characteristics

Imports

comctl32

shell32

comdlg32

user32

advapi32

gdi32

kernel32

Sections

.text Size: 325KB - Virtual size: 324KB

.rdata Size: 53KB - Virtual size: 82KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 325KB - Virtual size: 324KB

.rdata
Size: 53KB - Virtual size: 82KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 18KB - Virtual size: 17KB