859538b84da84cdef8ad43da6b8d76dc

Sharing

Copy URL

Twitter E-mail

General

Target

859538b84da84cdef8ad43da6b8d76dc
Size

544KB
MD5

859538b84da84cdef8ad43da6b8d76dc
SHA1

e88ac36454124e1a69c6ce6c53ed97afbb50a797
SHA256

cabfc4d23a14c660176be9f39798e346da9fd1fc394d3c0cc54c558cbf2b4561
SHA512

ce6beca196d389eabb0687e6ac99fc63e6ffb1a65cb8da89293360473c657914c6ca4fbea98c6c2d84902bc61deb55745732b42ea57ef6b1699016e23dfa0b17
SSDEEP

12288:0tOVebBmeQKYrDysfThuabp7ezXBBl4iuR4AwwWIsOXbyxpnsL7q42:0tO4lmKWDysVuap0BAiObXXbmsL7j2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
859538b84da84cdef8ad43da6b8d76dc

Files

859538b84da84cdef8ad43da6b8d76dc
.exe windows:4 windows x86 arch:x86

f488b9108935065f0d73d1bb3e2d438a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerInstallFileA

gdi32

ExtTextOutW
UpdateColors

kernel32

GetConsoleMode
GlobalReAlloc
GetProfileIntA
GetLogicalDriveStringsA
CreateMutexW
GetTempPathW
GetPrivateProfileSectionW
FindFirstFileW
CompareStringA
GetACP
ReadFile
SetProcessAffinityMask
GlobalGetAtomNameW
SetConsoleTitleA
FreeLibrary
GetSystemInfo
EnumSystemCodePagesA
GetEnvironmentVariableW
_lopen
lstrcmpiW
OpenFile
FindCloseChangeNotification
CreateDirectoryExA
DosDateTimeToFileTime
VirtualProtect
WritePrivateProfileSectionW
CreateProcessA
GetBinaryTypeA
DeleteFiber
GetProcessHeap
LCMapStringA
lstrcpynA
FlushConsoleInputBuffer
RaiseException
ExitProcess
SizeofResource

ole32

OleConvertIStorageToOLESTREAM
IIDFromString
CreateStreamOnHGlobal
PropVariantCopy

user32

SetThreadDesktop
DestroyWindow
MapVirtualKeyA
ToUnicodeEx
FindWindowW
GetScrollRange
SetCursorPos
GetCapture
GetGuiResources
SetRect
SetWindowWord
SetWindowTextA

oleaut32

SafeArrayRedim
SafeArrayCreate
SafeArrayGetElement

comdlg32

GetFileTitleA
GetOpenFileNameW

comctl32

ImageList_DrawIndirect
ImageList_Add
ImageList_GetImageCount
ImageList_Replace

Sections

.text
Size: 2KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f488b9108935065f0d73d1bb3e2d438a

Headers

File Characteristics

Imports

version

gdi32

kernel32

ole32

user32

oleaut32

comdlg32

comctl32

Sections

.text Size: 2KB - Virtual size: 218KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 267KB - Virtual size: 267KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 218KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 267KB - Virtual size: 267KB

.rsrc
Size: 16KB - Virtual size: 16KB