88e031653635aac12d2659c9b31f969c

Sharing

Copy URL Twitter E-mail

General

Target

88e031653635aac12d2659c9b31f969c
Size

280KB
MD5

88e031653635aac12d2659c9b31f969c
SHA1

cd7044f7799ffeb466f66a0fe3ecb6ae2ae1aa70
SHA256

c4dea6eb7222c46c46cd9581c92077d4e2d92daa4f5e1f3852288465c76f73d4
SHA512

5f964a935eb63afbf3769de50863f8e63883f40b6bea9ab19f236482748d3e244533beb9bfdeaa305183788c033f18fe8d8ddc2113767c95861002c95c10156a
SSDEEP

6144:SEgrVMQ0it29a6uQTTR1xm9aPfHI7CJTjOhL5q8a/DY11q:YrVJR29FT7YaXI7gChL5qqK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88e031653635aac12d2659c9b31f969c

Files

88e031653635aac12d2659c9b31f969c
.exe windows:4 windows x86 arch:x86

d616b48af46c5c01b8f224be838611fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
CreateThread
GetLocalTime
InterlockedDecrement
Sleep
GetFileAttributesW
SuspendThread
FindResourceW
GetLastError
InterlockedIncrement
lstrlenW
WideCharToMultiByte
SetLastError
FreeResource
GetCurrentThread
ExitProcess
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
FreeLibrary
CreateWaitableTimerW
GetPrivateProfileStringW
CreateFileW
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
WriteFile
ReadFile
ReadProcessMemory
DuplicateHandle
lstrcpyW
SetEvent
GetLogicalDrives
GlobalDeleteAtom
GetSystemTime
FindResourceExW
MultiByteToWideChar
FindFirstFileW
FileTimeToSystemTime
GetFileSize
GlobalFree
DeleteFileW
GlobalAddAtomW
GetFileAttributesExW

user32

AppendMenuW
GetClassNameW
LoadImageW
SetDlgItemTextW
DestroyMenu
CreateWindowExW
SetWindowPos
SystemParametersInfoW
LoadIconW
ReleaseCapture
GetWindowTextW
VkKeyScanW
LoadBitmapW
PostMessageW
DispatchMessageW
RegisterHotKey
DrawTextW
GetKeyState
GetSysColor
DestroyIcon
SetForegroundWindow
InvalidateRect
SetLayeredWindowAttributes
PostThreadMessageW
TrackPopupMenu
ReleaseDC
GetWindowDC
wsprintfW
RegisterWindowMessageW
IsDlgButtonChecked
TranslateMessage
GetSystemMetrics
DefWindowProcW

gdi32

GetDeviceCaps
GetStockObject
DeleteObject
DeleteDC
CreateSolidBrush
CreateBitmap
CreateCompatibleBitmap
DPtoLP
CreateRoundRectRgn
StretchBlt
CreateDCW
CreatePen
SetMapMode
MoveToEx
SelectObject
SetBkMode
CreateCompatibleDC

advapi32

LookupAccountSidW
LookupPrivilegeValueW
RegSetValueExW
RegNotifyChangeKeyValue
StartServiceW
RegDeleteValueW

shell32

Shell_NotifyIconW

ole32

CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CoInitialize

oleaut32

OleLoadPicture
SysFreeString

Sections

.text
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d616b48af46c5c01b8f224be838611fc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 248KB - Virtual size: 245KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 20KB

.text
Size: 248KB - Virtual size: 245KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 20KB