71a34c41d14dd31fc512117aca048e57

Sharing

Copy URL Twitter E-mail

General

Target

71a34c41d14dd31fc512117aca048e57
Size

398KB
MD5

71a34c41d14dd31fc512117aca048e57
SHA1

b613530bc867b0df5fd1e55c1bcaff7fdec44b61
SHA256

358ec7ecd668c99ed38fe9abc9a6eef774f60a01ad0f6d29e5a96c5ea8cb5ead
SHA512

35f1891167520d78da46fadef419cdc86d8a7c3d6c7b8be06538bd637c9149e809339eba25bd8883eff4486142cea5e60d1cac687bdbdab5b4a861cbaeaf3412
SSDEEP

6144:p4E/TZ14OZQlUPSqxIhmUr2/jv92yCkVRKC6Yzp//EY69C2TQKyOJ7k:pzTveUGXrEjvpKCpV//EY6jQKyOJY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71a34c41d14dd31fc512117aca048e57

Files

71a34c41d14dd31fc512117aca048e57
.exe windows:4 windows x86 arch:x86

38ffe0100cb47bff859b855077c8c625

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetTabbedTextExtentW
PackDDElParam
RegisterWindowMessageW
GetTopWindow
SetPropA
SendMessageTimeoutW
WaitMessage
InsertMenuItemW
CallWindowProcA
WINNLSGetIMEHotkey
RegisterClassA
DdeReconnect
DialogBoxIndirectParamA
ValidateRgn
CreateMenu
UnloadKeyboardLayout
RemovePropA
RegisterClassExA
CopyAcceleratorTableA
CreateIconFromResource
DrawTextW
OemToCharA

kernel32

CompareStringW
SetUnhandledExceptionFilter
FindClose
GetUserDefaultLCID
EnumSystemLocalesA
HeapFree
GetStringTypeA
GetProcAddress
SetStdHandle
GetTimeFormatA
OpenMutexA
ExitProcess
EnterCriticalSection
CreateMutexA
GetPrivateProfileStructW
GetLocaleInfoA
GetConsoleMode
HeapReAlloc
GetDateFormatA
GetCPInfo
HeapCreate
InterlockedIncrement
Sleep
TlsSetValue
InterlockedExchange
WriteConsoleW
IsDebuggerPresent
ReadFile
MultiByteToWideChar
GetConsoleOutputCP
VirtualFree
FreeLibrary
SetHandleCount
GetConsoleCP
VirtualQuery
SetLastError
GetCurrentThreadId
CompareStringA
LeaveCriticalSection
GetTickCount
GetModuleHandleA
GetCurrentProcess
GetStringTypeW
GetLocaleInfoW
GetStartupInfoA
WriteFile
GetCurrentProcessId
CreateFileA
GetCommandLineA
GetStringTypeExW
HeapAlloc
LCMapStringA
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
DeleteCriticalSection
IsValidLocale
HeapDestroy
GetACP
RtlUnwind
RtlMoveMemory
SetConsoleCtrlHandler
VirtualAlloc
TerminateProcess
GetTimeZoneInformation
FreeEnvironmentStringsA
FlushFileBuffers
TlsFree
SetEnvironmentVariableA
UnhandledExceptionFilter
GetStdHandle
GetFileType
HeapSize
CloseHandle
GetOEMCP
QueryPerformanceCounter
GetModuleHandleW
TlsGetValue
IsValidCodePage
GetEnvironmentStrings
LCMapStringW
GetModuleFileNameA
TlsAlloc
LoadLibraryA
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentThread
FreeEnvironmentStringsW
WriteConsoleA
SetFilePointer
GetLastError
InterlockedDecrement

comctl32

InitCommonControlsEx

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38ffe0100cb47bff859b855077c8c625

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 9KB - Virtual size: 25KB

.data Size: 209KB - Virtual size: 208KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 9KB - Virtual size: 25KB

.data
Size: 209KB - Virtual size: 208KB

.rsrc
Size: 6KB - Virtual size: 5KB