734e1037c2a70f7c1e839062b9d535d0

General

Target

734e1037c2a70f7c1e839062b9d535d0
Size

14KB
MD5

734e1037c2a70f7c1e839062b9d535d0
SHA1

5a2125680c4d7da90f63b976e8066d2bf4391400
SHA256

f35df04ed1136f8d2f0527535784877116b4ed5ca633cbcb96269c6b634d7605
SHA512

e82c2f7b46fb89434c9a81c93b36869ed96184c2ecb1ebb6687026486646334dfc8d88764ed405b5db7f8d9cb6127eb1a9fc05481fe157589dc57e77e940a0e3
SSDEEP

192:fw+iwy+Ln+kP055wOUW1zATU9f/u/WvzkQywKeDwm0NWnU9uk55QQhLMNdvRhoka:fPZy+LnrPb1Q0YZwWvbloWsvhLMok

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
734e1037c2a70f7c1e839062b9d535d0

Files

734e1037c2a70f7c1e839062b9d535d0
.exe windows:2 windows x86 arch:x86

19ebeea402388e32351ab8cf0bcc7317

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

DragQueryFileA
SHSimpleIDListFromPath
SHHelpShortcuts_RunDLLA
PrintersGetCommand_RunDLLA
SHReplaceFromPropSheetExtArray
SHOpenFolderAndSelectItems
Shell_GetImageLists
ExtractIconEx
ExtractIconExA
SHIsFileAvailableOffline
SHInvokePrinterCommandA
PifMgr_CloseProperties
SHCreatePropSheetExtArray
WriteCabinetState
IsLFNDrive
SHGetDataFromIDListA
RealDriveType
SHValidateUNC
SHGetFolderPathAndSubDirA
SHGetAttributesFromDataObject
IsLFNDriveA
DAD_DragEnterEx2
SHDestroyPropSheetExtArray
ShellExecuteA
DAD_DragMove
ILGetSize
SHChangeNotifyDeregister
SHChangeNotifyRegister
SHMultiFileProperties
ExtractIconA
ILGetNext
SHCloneSpecialIDList
WOWShellExecute
DAD_AutoScroll

user32

UpdateWindow
CheckMenuItem
GetWindowLongA
DispatchMessageA
SetFocus
CharNextA
GetMenu
DestroyWindow
BeginPaint
IsDialogMessageA
TranslateMessage
GetMessageA
RegisterClassExA
SendMessageA
DefWindowProcA
DialogBoxParamA
GetClientRect
EnableMenuItem
ShowWindow
CreateWindowExA
GetWindowTextA

kernel32

GetLastError
IsBadStringPtrA
SystemTimeToFileTime
CreateFileA
CreateMailslotA
FileTimeToDosDateTime
WaitNamedPipeA
GetEnvironmentStringsA
DeleteFileA
GetFileTime
SetFilePointer
GetSystemTime
GetVersion
VirtualAllocEx
ReadFile
ConnectNamedPipe
CloseHandle
CreateMutexA
FreeEnvironmentStringsA
OpenMutexA
ExpandEnvironmentStringsA
GetCurrentProcessId
GetSystemTimes
ReleaseMutex

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19ebeea402388e32351ab8cf0bcc7317

Headers

DLL Characteristics

File Characteristics

Imports

shell32

user32

kernel32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 4KB