87ef13b741734fdf737e1d399949fc98

Sharing

Copy URL Twitter E-mail

General

Target

87ef13b741734fdf737e1d399949fc98
Size

456KB
MD5

87ef13b741734fdf737e1d399949fc98
SHA1

574b7f18613da25ba1b7c06e46b4914b411d908e
SHA256

0aae51ac99d578fdd61d6c825debad5b458cc7d3e5696b468c8598b61365d19e
SHA512

e832200f5d5498ffa5aec4e502dbc542078b687f8e149ff4f9a16040277962ad817fdc067fdbab8b13cf0b035f946bfbff1a4a8ead37db55caf9db1e52a2fb61
SSDEEP

12288:guULm3RZzu21Kh3I1he+5KSbDcKgZNML:ndUIKSbwrZNM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87ef13b741734fdf737e1d399949fc98

Files

87ef13b741734fdf737e1d399949fc98
.exe windows:4 windows x86 arch:x86

9af7034d17f105782b3692f82bc4a40c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextW
GetFileTitleW

kernel32

GetModuleFileNameW
SetHandleCount
GetCurrentProcess
SetEnvironmentVariableA
VirtualFree
FreeEnvironmentStringsW
GetModuleHandleA
GlobalFree
GetSystemTimeAsFileTime
EnterCriticalSection
GetStdHandle
UnhandledExceptionFilter
GetEnvironmentStrings
InterlockedIncrement
GetFileType
TlsSetValue
InterlockedExchange
LCMapStringW
GetTimeFormatA
GetStringTypeA
IsValidLocale
GetProcAddress
GetSystemTime
GetModuleHandleW
TlsAlloc
HeapFree
CreateNamedPipeW
TlsFree
GetProfileSectionW
GetACP
GetStartupInfoW
GetOEMCP
lstrcpynA
InterlockedDecrement
GetCPInfo
QueryPerformanceCounter
GetProfileIntA
MultiByteToWideChar
GetModuleFileNameA
HeapAlloc
WideCharToMultiByte
HeapReAlloc
GetDateFormatA
LoadLibraryA
GetCommandLineW
GetTimeZoneInformation
EnumSystemLocalesA
GetLocaleInfoW
TerminateProcess
GetEnvironmentStringsW
Sleep
WriteConsoleOutputCharacterW
GetCurrentProcessId
FindResourceExA
OpenProcess
GetLocaleInfoA
SetUnhandledExceptionFilter
CompareStringW
GetStartupInfoA
GetCurrentThread
WriteFile
HeapSize
HeapCreate
GetLastError
VirtualAlloc
LCMapStringA
HeapDestroy
GetStringTypeW
VirtualQuery
GetVolumeInformationW
VirtualProtectEx
ExitProcess
SetConsoleCtrlHandler
SetLastError
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
IsValidCodePage
GetTickCount
GetUserDefaultLCID
DeleteCriticalSection
IsDebuggerPresent
RtlUnwind
GetFileAttributesW
GetCurrentThreadId
LocalReAlloc
CompareStringA
TlsGetValue
GetTempPathW
FreeLibrary

shell32

ShellExecuteW
SHEmptyRecycleBinW
SHGetSpecialFolderLocation
CheckEscapesW
SHFreeNameMappings

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9af7034d17f105782b3692f82bc4a40c

Headers

File Characteristics

Imports

comdlg32

kernel32

shell32

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 8KB - Virtual size: 26KB

.data Size: 282KB - Virtual size: 281KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 8KB - Virtual size: 26KB

.data
Size: 282KB - Virtual size: 281KB

.rsrc
Size: 7KB - Virtual size: 6KB