63734584d614aa569eacc8e5290f38c6

Sharing

Copy URL

Twitter E-mail

General

Target

63734584d614aa569eacc8e5290f38c6
Size

538KB
MD5

63734584d614aa569eacc8e5290f38c6
SHA1

6fc193b42d5728e25e9e9741fdd33b18d00c9c54
SHA256

0d0425acef2fb3d5822af843bfa33aa42c5939f5c7b45d7d4f5ef88f80454f91
SHA512

06bbc258df33b26beb3baa05ed54b18b4b1fd098517cdaa1581c4576f42a64ec207f2fc5ba14116f835396fdf60ecdb1733f4063d65c6b2f793e3c4d1c53e6e7
SSDEEP

6144:tNE4MM0LTYjwP8dTb7ZcWWo7DBzcfmxaaGlDpMJf/K2+P7z5lYJkw9+/KjFi2M8V:6qjBnB14f4s9MJ870ZX7X5x4qTGgfTc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63734584d614aa569eacc8e5290f38c6

Files

63734584d614aa569eacc8e5290f38c6
.exe windows:4 windows x86 arch:x86

64b8ac1d141c254ce6f1275501884317

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

SetMenuItemInfoA
GetMenuContextHelpId
IsChild
DefMDIChildProcA
DrawTextA
CopyIcon
IsWindowEnabled
SetWindowsHookW
DdeAddData
ChangeDisplaySettingsExA
RegisterClassA
IsDialogMessage
CreateIconFromResourceEx
RegisterClassExA

kernel32

GetModuleHandleA
WaitCommEvent
CreateMutexW
GetSystemInfo
ReadFile
InitializeCriticalSection
GetLocaleInfoA
EnumSystemLocalesA
GetVersionExA
InterlockedExchange
HeapReAlloc
GetStartupInfoA
GetStringTypeW
OpenMutexA
SetStdHandle
CreateMailslotA
GetLocaleInfoW
GetCommandLineA
LeaveCriticalSection
SetEnvironmentVariableA
GetCalendarInfoA
IsBadWritePtr
CloseHandle
VirtualAlloc
EnterCriticalSection
TlsGetValue
GetTempPathA
GetSystemTimeAsFileTime
RtlUnwind
GetFileType
InterlockedDecrement
SetLastError
LCMapStringW
SetHandleCount
HeapDestroy
VirtualFree
TlsFree
GetTickCount
GetDateFormatA
SetFilePointer
CompareStringW
EnumResourceTypesA
GetLastError
GetConsoleTitleW
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
GetACP
GetModuleFileNameA
GetCPInfo
IsValidCodePage
HeapSize
WriteConsoleOutputW
GetStdHandle
GetCurrentProcessId
OpenWaitableTimerA
GetEnvironmentStrings
IsValidLocale
GetPrivateProfileStructA
AddAtomW
GetCurrentProcess
DeleteCriticalSection
EnumResourceNamesA
GetStringTypeA
CreateMutexA
SetConsoleCursorPosition
GetTimeFormatA
LocalFlags
GetEnvironmentStringsW
VirtualQuery
HeapCreate
FreeEnvironmentStringsA
GetExitCodeThread
QueryPerformanceCounter
GetCommandLineW
GetProcAddress
HeapFree
CreateDirectoryExW
GetStringTypeExW
CompareStringA
TlsSetValue
MapViewOfFile
TlsAlloc
ExitProcess
WideCharToMultiByte
HeapAlloc
LoadLibraryA
LCMapStringA
GetOEMCP
GetProfileSectionA
FreeEnvironmentStringsW
FlushFileBuffers
WriteFile
GetUserDefaultLCID
TerminateProcess
VirtualProtect
UnhandledExceptionFilter
GetTimeZoneInformation
SetThreadPriority

comdlg32

PageSetupDlgA
GetOpenFileNameW

Sections

.text
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64b8ac1d141c254ce6f1275501884317

Headers

File Characteristics

Imports

comctl32

user32

kernel32

comdlg32

Sections

.text Size: 370KB - Virtual size: 370KB

.rdata Size: 37KB - Virtual size: 64KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 370KB - Virtual size: 370KB

.rdata
Size: 37KB - Virtual size: 64KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 24KB - Virtual size: 23KB