859b2dcb5fe2dec933838da5190544b1

Sharing

Copy URL

Twitter E-mail

General

Target

859b2dcb5fe2dec933838da5190544b1
Size

412KB
MD5

859b2dcb5fe2dec933838da5190544b1
SHA1

c28ef6f73cd9a391b73181b9989b063c6496b10f
SHA256

5feb8f4fd26e2faddfc0e62952972728142976f1b8b1218cdb90940a4234d0b5
SHA512

69e50431aa837ff14a763d2cbcd9eeb257b1890b2ee1966e8f6866ef49d411e22ef81eb2036fbbf277341acd93e2c717d5999bf54a79ef0791a14396964ceb20
SSDEEP

6144:bd86VvqpReXOKwMWAHAtxoWhbUIs2Qrgg/04qBvmF5E//OQbNuZPFKVwEkz6m:bd8OebMb6xoWhbUIs2QUt4qwF5zFK+e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
859b2dcb5fe2dec933838da5190544b1

Files

859b2dcb5fe2dec933838da5190544b1
.exe windows:4 windows x86 arch:x86

fe197d84816581732c8d4c1f3046aca5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
HeapFree
LCMapStringW
LCMapStringA
CompareStringA
InterlockedIncrement
GetEnvironmentStrings
GetStdHandle
MultiByteToWideChar
CreateMutexA
RtlFillMemory
ReadFile
SetHandleCount
IsBadWritePtr
QueryPerformanceCounter
GetFullPathNameA
RtlUnwind
GetProcAddress
GetCurrentProcessId
TlsAlloc
SetFilePointer
GetCurrentThreadId
GetCurrentThread
SetEnvironmentVariableA
FlushFileBuffers
GetTimeZoneInformation
GetStringTypeW
InterlockedExchange
HeapCreate
ExitProcess
TlsFree
MoveFileA
WriteConsoleOutputW
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
TlsSetValue
GetConsoleOutputCP
SetStdHandle
TerminateProcess
TlsGetValue
GetLocalTime
OutputDebugStringA
GetSystemTime
OpenMutexA
LeaveCriticalSection
GetCurrentProcess
IsValidLocale
InterlockedDecrement
GetModuleFileNameA
HeapDestroy
MoveFileExA
FreeEnvironmentStringsW
GetOEMCP
WriteFile
GetEnvironmentStringsW
GetACP
InitializeCriticalSection
GetStringTypeA
GetCPInfo
FreeEnvironmentStringsA
GetThreadContext
HeapAlloc
GetCommandLineA
WideCharToMultiByte
GetVersion
SetLastError
GetLastError
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DeleteCriticalSection
GetFileType
CloseHandle
VirtualAlloc
VirtualFree
lstrcpynA
HeapReAlloc
VirtualQuery
EnterCriticalSection
CompareStringW

user32

SetTimer
RegisterClassA
MessageBoxA
SetCursor
WINNLSGetEnableStatus
BroadcastSystemMessageA
DestroyWindow
GetInputDesktop
ShowWindow
CreateWindowExA
DefWindowProcA
SetWindowLongW
SetClipboardData
wsprintfW
IsDialogMessageW
GetWindowTextLengthW
ScreenToClient
GetKeyboardLayoutNameW
SendMessageTimeoutW
GetDlgItemTextW
RegisterClipboardFormatA
InsertMenuW
DrawTextA
IsCharLowerW
EnumPropsA
DrawStateA
MessageBoxIndirectW
GetKeyState
GetScrollInfo
RegisterClassExA
CloseWindow
GetProcessDefaultLayout
CreateWindowExW
GetUserObjectSecurity
TrackMouseEvent
PostQuitMessage
SetFocus
DdeNameService
FillRect
ToUnicode
SetSystemCursor

comctl32

ImageList_DrawIndirect
ImageList_GetImageCount
ImageList_ReplaceIcon
CreatePropertySheetPage
DrawStatusText
InitCommonControlsEx
ImageList_Read
DrawInsert
ImageList_Remove
DrawStatusTextW
ImageList_GetImageRect

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe197d84816581732c8d4c1f3046aca5

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 88KB - Virtual size: 86KB

.data Size: 100KB - Virtual size: 115KB

.rsrc Size: 104KB - Virtual size: 101KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 88KB - Virtual size: 86KB

.data
Size: 100KB - Virtual size: 115KB

.rsrc
Size: 104KB - Virtual size: 101KB