87348a2e6d637218999290462142289d

Sharing

Copy URL Twitter E-mail

General

Target

87348a2e6d637218999290462142289d
Size

160KB
MD5

87348a2e6d637218999290462142289d
SHA1

1fd215ce9f9a3a693a999ad95d4e11c724004e2a
SHA256

7b9373a917b9678ac58a6215bf32a7425bceb187813adb1e7bb39ac16384db8a
SHA512

815864f2ad56deb7c15b044188257cab482d9c1305a65a667651216bf7f583f7e5dc75e68becf221a41dcd5ebb19e65cd3b7413d9e4970921b7bd8059f293ceb
SSDEEP

3072:1fe8KAF/5JcOQqRejgREWc9QeyzPyqwCm/:xe8DIVjgKpBiPyqw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87348a2e6d637218999290462142289d

Files

87348a2e6d637218999290462142289d
.exe windows:4 windows x86 arch:x86

2ab1c6d31b0d8aed6f3ba5e4c335ad80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DrawIndirect
ImageList_Merge
ImageList_Replace
ImageList_DragEnter
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Copy
ImageList_LoadImage
ImageList_Destroy
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_BeginDrag
ImageList_Create
ImageList_Draw
ImageList_DragLeave
ImageList_EndDrag
ImageList_GetDragImage
ImageList_Read
ImageList_Remove
ImageList_DragMove
ImageList_DrawEx
ImageList_GetImageRect

kernel32

GetComputerNameA
GetFileSize
DeleteFileW
DeleteFileA
GlobalFree
ReadConsoleW
CopyFileW
FindFirstFileA
ExitThread
DeleteAtom
CopyFileExW
CopyFileA
SetLastError
WriteFile
CopyFileExA
GetConsoleMode
ReadFile
ReadConsoleA
FindAtomA
CreateDirectoryA
GetFileTime
OpenFile
FindAtomA
DeleteFileW
ReadConsoleA
GetFileSize
Sleep
CopyFileExA
CreateDirectoryA
FindFirstFileA
GetCommandLineA
SetLastError
OpenFileMappingA
ReadFile
GetComputerNameA
GetCPInfo
WriteFile
DeleteFileA
Sleep
CreateThread
OpenFileMappingA
GetFileSize
GetCommandLineA
CopyFileExA
ReadConsoleA
ExitThread
CopyFileExW
GetFileTime
WriteFile
CopyFileW
OpenFile
ReadFile
FindFirstFileA
ReadConsoleW
GetComputerNameA
SetLastError
DeleteFileW
GetCPInfo

advapi32

RegOpenKeyW
RegCreateKeyExW
RegLoadKeyW
RegEnumValueW
RegQueryInfoKeyA
RegEnumKeyW
RegDeleteValueA
RegReplaceKeyA
RegReplaceKeyW
RegCreateKeyW
RegFlushKey
RegQueryInfoKeyW
RegDeleteValueW
RegQueryValueA
RegOpenKeyA
RegQueryValueExW
RegCreateKeyExA
RegOpenKeyExW
RegLoadKeyA

user32

BlockInput
DrawTextW
CloseWindow
CreateIcon
LoadCursorA
DrawIconEx
GetDC
DrawIcon
GetWindowTextLengthA
AppendMenuA
DrawTextA
DialogBoxParamA
CopyIcon
EndDialog
GetWindowTextA
CalcMenuBar
CopyImage
LoadMenuA
CopyRect
AlignRects

Sections

CODE
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.XBOxyg
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sJgYsH
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MpdUsX
Size: 4KB - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sMVSjK
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BdozpW
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qXSgCp
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ab1c6d31b0d8aed6f3ba5e4c335ad80

Headers

File Characteristics

Imports

comctl32

kernel32

advapi32

user32

Sections

CODE Size: 4KB - Virtual size: 3KB

.XBOxyg Size: 8KB - Virtual size: 6KB

.sJgYsH Size: 4KB - Virtual size: 1KB

.rdata Size: 124KB - Virtual size: 2.6MB

.MpdUsX Size: 4KB - Virtual size: 118B

.sMVSjK Size: 4KB - Virtual size: 1KB

.BdozpW Size: 4KB - Virtual size: 3KB

.qXSgCp Size: 4KB - Virtual size: 3KB

CODE
Size: 4KB - Virtual size: 3KB

.XBOxyg
Size: 8KB - Virtual size: 6KB

.sJgYsH
Size: 4KB - Virtual size: 1KB

.rdata
Size: 124KB - Virtual size: 2.6MB

.MpdUsX
Size: 4KB - Virtual size: 118B

.sMVSjK
Size: 4KB - Virtual size: 1KB

.BdozpW
Size: 4KB - Virtual size: 3KB

.qXSgCp
Size: 4KB - Virtual size: 3KB