b37ec2e62d54a97588a9f28b2c99ee0215e0ba29eb9fbc675057037e92a27574

Sharing

Copy URL Twitter E-mail

General

Target

b37ec2e62d54a97588a9f28b2c99ee0215e0ba29eb9fbc675057037e92a27574
Size

540KB
MD5

dbe8c18ff623bb80724c2427958014d7
SHA1

c4a8c5c855bbaec68c976f605ba1c70fcc18dfcf
SHA256

b37ec2e62d54a97588a9f28b2c99ee0215e0ba29eb9fbc675057037e92a27574
SHA512

be4b06c756b21f8312a9d7e6448c57a97130390fd9ec3e32465269dc2f3b639f35e9a586ccc392d00c8e81e9dfca3fc9055868454e8d8e93871779a43dea17e5
SSDEEP

6144:7ynMVotkfXYjghBaC9+xplGHT45po2weIwPR:7ynMmSfojABRgxpluTep41w5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b37ec2e62d54a97588a9f28b2c99ee0215e0ba29eb9fbc675057037e92a27574

Files

b37ec2e62d54a97588a9f28b2c99ee0215e0ba29eb9fbc675057037e92a27574
.exe windows:4 windows x86 arch:x86

98febf4addcc2119e18441382094c249

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA

kernel32

FindResourceA
GetTempPathA
GetProcAddress
GetModuleHandleA
GetTickCount
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetFilePointer
FlushFileBuffers
SizeofResource
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
LoadResource
LockResource
FreeResource
DeleteFileA
SetEndOfFile
ReadFile
SetStdHandle
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
GetLastError
CloseHandle
WriteFile
UnhandledExceptionFilter

shell32

Shell_NotifyIconA

user32

GetDC
ReleaseDC
MessageBoxA
RegisterClassA
LoadIconA
GetMessageA
TranslateMessage
DispatchMessageA
DestroyIcon
KillTimer
SetWindowPos
SystemParametersInfoA
ShowWindow
PostQuitMessage
GetWindowRect
GetSubMenu
GetCursorPos
BringWindowToTop
SetForegroundWindow
TrackPopupMenu
DestroyMenu
DefWindowProcA
DestroyWindow
CreateWindowExA
GetWindowLongA
SetWindowLongA
SetTimer
PtInRect
SendMessageA
LoadMenuA

gdi32

CreateCompatibleDC
SelectObject
DeleteDC
CreateDIBSection
DeleteObject
GetObjectA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 452KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ropf
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98febf4addcc2119e18441382094c249

Headers

File Characteristics

Imports

winmm

kernel32

shell32

user32

gdi32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 452KB - Virtual size: 452KB

.ropf Size: 28KB - Virtual size: 25KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 452KB - Virtual size: 452KB

.ropf
Size: 28KB - Virtual size: 25KB