72a41eaded2762abae68d3b2c51ca646

Sharing

Copy URL

Twitter E-mail

General

Target

72a41eaded2762abae68d3b2c51ca646
Size

167KB
MD5

72a41eaded2762abae68d3b2c51ca646
SHA1

1c245321efe18f070daf4c6c0be39c93045a528a
SHA256

45d14c5aae38ea1512f53d172e50e09d9384e8c23577c81d597ad6fa2fdb6c18
SHA512

9eea6aacc8d14a890d6bbab98ac3e88842f5db688f97fd39287e252e7b888b303cd97cbe436b5a6c9d89c51471834c63190e2f17edd99f5061ddb8b7eb155e66
SSDEEP

3072:ozycQ4i4R0lZC701yh0VJMcFJXugwIauEaAe7TIqs0/hNV86auv:jpRnC70zzXRwIkcIqsKu6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72a41eaded2762abae68d3b2c51ca646

Files

72a41eaded2762abae68d3b2c51ca646
.exe windows:4 windows x86 arch:x86

34247b5287b152fd7e21c9b62b69fbe3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegQueryValueW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegOpenKeyW
RegCreateKeyExW
RegEnumKeyExW
RegEnumKeyW
RegQueryValueExW

comdlg32

GetFileTitleW

shlwapi

PathRemoveFileSpecW
PathFindFileNameW
PathIsUNCW
PathFileExistsW
PathStripToRootW
PathFindExtensionW
PathAppendW

ole32

CoUninitialize
CoRevokeClassObject
CoGetClassObject
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
OleUninitialize
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoInitialize
CoCreateInstance
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoFreeUnusedLibraries
CoTaskMemFree
OleInitialize
CLSIDFromString

gdi32

SetBkColor
GetRgnBox
SetViewportOrgEx
ScaleWindowExtEx
Escape
PtVisible
CreateBitmap
GetTextColor
TextOutW
SetWindowExtEx
GetObjectW
GetStockObject
GetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetMapMode
SelectObject
ExtSelectClipRgn
GetViewportExtEx
SaveDC
SetTextColor
GetBkColor
GetDeviceCaps
GetClipBox
DeleteObject
DeleteDC
ExtTextOutW
GetMapMode
RectVisible
RestoreDC
CreateRectRgnIndirect

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

oledlg

OleUIBusyW

kernel32

SetFilePointer
MultiByteToWideChar
lstrcpyW
InterlockedExchange
GetModuleHandleW
EnumResourceLanguagesW
CreateDirectoryW
DeleteFileW
GetCalendarInfoA
WaitForSingleObject
VirtualFree
GetThreadContext
LoadResource
InterlockedDecrement
WriteFile
InitializeCriticalSection
GetLocaleInfoW
SystemTimeToFileTime
GetFileAttributesW
FindResourceW
ReleaseMutex
GetLocaleInfoA
FindClose
GetModuleFileNameW
MoveFileW
LoadLibraryW
GetVersion
EnumResourceNamesA
GetCurrentProcessId
CreateMutexW
SizeofResource
DeleteCriticalSection
FindNextFileW
ReadFile
ConvertDefaultLocale
GetCurrentDirectoryW
LockResource
CreateFileW
ExitProcess
RaiseException
GetSystemDefaultLangID
GetThreadLocale
RemoveDirectoryW
GetProcAddress
CloseHandle
SetFileTime
WideCharToMultiByte
GetVersionExW
LocalFileTimeToFileTime
FreeLibrary
lstrcmpiA
GetACP
FindFirstFileW
lstrcmpA

user32

GetWindowPlacement
RegisterClassW
IntersectRect
LoadIconW
InvalidateRgn
IsIconic
SetForegroundWindow
GetNextDlgGroupItem
IsRectEmpty
SendDlgItemMessageA
MessageBeep
UpdateWindow
IsWindow
InvalidateRect
CharUpperW
AdjustWindowRectEx
RemovePropW
SetActiveWindow
EqualRect
GetClassInfoExW
SetRect
GetForegroundWindow
GetPropW
SetPropW
IsChild
CreateWindowExW
GetMenu
CopyAcceleratorTableW
MapWindowPoints
GetMessageTime
GetMessagePos
GetClassInfoW
DefWindowProcW
RegisterWindowMessageW
GetNextDlgTabItem
WinHelpW
CallWindowProcW
CharNextW
OffsetRect
GetClassLongW
GetClientRect
GetTopWindow
DestroyMenu

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34247b5287b152fd7e21c9b62b69fbe3

Headers

File Characteristics

Imports

advapi32

comdlg32

shlwapi

ole32

gdi32

shell32

winspool.drv

oledlg

kernel32

user32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 68KB - Virtual size: 68KB

.edata Size: 1024B - Virtual size: 88KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 68KB - Virtual size: 68KB

.edata
Size: 1024B - Virtual size: 88KB