8ab6c973bc2753cfc722823f6fc9b9bc

General

Target

8ab6c973bc2753cfc722823f6fc9b9bc
Size

157KB
MD5

8ab6c973bc2753cfc722823f6fc9b9bc
SHA1

130fa264f682270b53c8e49d10ea84c7d383ee65
SHA256

75c242c688216f9d653a718667adaec3387d5771d4f1c8662cce5543a09fbbe0
SHA512

67446cb0e75ba732e4fcb3863bef0cbf9eb4c648f85dd3164d0fb61b8653ed04882c4dbc753211669b506742331f09534cb3f185684fe2793a1ea8dbc82a04c8
SSDEEP

3072:hHvUBd7vQzU8Km1vdefjm92t1AW58Jre1pgSLpwhbOF7v8qeWa:hPUB1Qz7vimU75COKSLpwhbev83

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ab6c973bc2753cfc722823f6fc9b9bc

Files

8ab6c973bc2753cfc722823f6fc9b9bc
.exe windows:4 windows x86 arch:x86

58a96629cd8c83d1da17bd2d71441107

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHQueryInfoKeyA
SHDeleteValueA
SHEnumValueA
PathIsDirectoryA
SHSetValueA
SHGetValueA

user32

GetActiveWindow
FillRect
FrameRect
DrawMenuBar
IsWindow
GetMenu
EnableWindow
FindWindowA
EqualRect

shell32

SHFileOperationA
SHGetDesktopFolder
DragQueryFileA
SHGetSpecialFolderLocation
Shell_NotifyIconA

kernel32

GetCurrentThreadId
CompareStringA
CreateEventA
GetModuleFileNameA
GlobalDeleteAtom
VirtualAllocEx
ResetEvent
VirtualAlloc
FreeLibrary
lstrcatA
FormatMessageA
ExitProcess
LoadLibraryA
WideCharToMultiByte
GetUserDefaultLCID
SetThreadLocale
lstrlenA
GetCommandLineA
DeleteCriticalSection
FindClose
GlobalAddAtomA
FindResourceA
HeapAlloc

Exports

Exports

_soYKv2o
suue5x8GCr4JP
_ucr72tI

Sections

CODE
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: 1024B - Virtual size: 606B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58a96629cd8c83d1da17bd2d71441107

Headers

File Characteristics

Imports

shlwapi

user32

shell32

kernel32

Exports

Exports

Sections

CODE Size: 28KB - Virtual size: 28KB

.rdata Size: 9KB - Virtual size: 104KB

.data Size: 107KB - Virtual size: 107KB

.idata Size: 1KB - Virtual size: 1KB

.tdata Size: 1024B - Virtual size: 606B

.rsrc Size: 8KB - Virtual size: 8KB

CODE
Size: 28KB - Virtual size: 28KB

.rdata
Size: 9KB - Virtual size: 104KB

.data
Size: 107KB - Virtual size: 107KB

.idata
Size: 1KB - Virtual size: 1KB

.tdata
Size: 1024B - Virtual size: 606B

.rsrc
Size: 8KB - Virtual size: 8KB