89c9e2942a27c8782595aeac0b37d4e2

Sharing

Copy URL Twitter E-mail

General

Target

89c9e2942a27c8782595aeac0b37d4e2
Size

169KB
MD5

89c9e2942a27c8782595aeac0b37d4e2
SHA1

09f8c80db14c492a1056360d4c097397a4835efb
SHA256

bdc4157a26ddaac6f8ed585dfe43661c382487afeba83e9128fb5520175f431f
SHA512

46cbee97273b38eed960828cfb050b6c437cd80ba2ea77efa1a1a204cf2c5c69f9dbacf1da9fb4e246cb75da0f7829be3f561654e9b16511fc82f1f670a5bffb
SSDEEP

3072:VwsgTT8vSqe+XsbCr2PtQ1XBEMN46aC8K46oWL1qU:aZqeCwQ1tICX46sU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89c9e2942a27c8782595aeac0b37d4e2

Files

89c9e2942a27c8782595aeac0b37d4e2
.exe windows:4 windows x86 arch:x86

5eed2be1bc1d495f6828b1f41c008d77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
WaitForSingleObject
ExitThread
GetFullPathNameA
FormatMessageA
GlobalAddAtomA
VirtualAllocEx
FindFirstFileA
EnumCalendarInfoA
LoadLibraryExA
FindClose
GetCurrentThread
GetFileType
Sleep
SetEndOfFile
ResetEvent
CompareStringA
GlobalFindAtomA
GetVersionExA
GetCommandLineA
GetLocaleInfoA
lstrcpyA
GetCPInfo
GetCurrentProcess
GetThreadLocale
GetCurrentThreadId
SetLastError
SetThreadLocale
SetErrorMode
LockResource
GlobalAlloc
SizeofResource
CreateFileA
GlobalDeleteAtom
LocalReAlloc
GetModuleFileNameA
SetHandleCount
SetEvent
ExitProcess
EnterCriticalSection
lstrcatA
GetLocalTime
GetSystemDefaultLangID
HeapAlloc
GetFileSize
MoveFileExA
RaiseException
GetProcAddress
GetLastError
GetModuleHandleA
LoadLibraryA
GetUserDefaultLCID
MoveFileA
DeleteFileA
lstrlenA
GetOEMCP
GetStdHandle
InitializeCriticalSection
ReadFile
HeapDestroy
GetEnvironmentStrings

msvcrt

atan
memmove
calloc
memcpy
strncmp

advapi32

RegCreateKeyA

oleaut32

SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayCreate

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
ChooseColorA
FindTextA

user32

GetSysColor
GetMenuItemID
GetClassInfoA
GetParent
CallNextHookEx
IsChild
GetSubMenu
DeferWindowPos
GetScrollRange
DrawIcon
GetPropA
CharLowerA
GetClipboardData
GetMenuItemInfoA
BeginDeferWindowPos
IsWindowEnabled
RegisterClassA
GetSysColorBrush
DrawEdge
GetDlgItem
CheckMenuItem
GetScrollInfo
IsDialogMessageA
GetMessagePos
GetScrollPos
GetCursor
GetWindow
DrawIconEx
GetMenuState
GetMenuStringA
GetWindowTextA
GetFocus
EnableWindow
SetWindowPos
BeginPaint

ole32

OleCreateStaticFromData
MkParseDisplayName

comctl32

ImageList_Add
ImageList_Remove
ImageList_DragShowNolock
ImageList_Read
ImageList_Draw
ImageList_Create

version

VerInstallFileA
GetFileVersionInfoA

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5eed2be1bc1d495f6828b1f41c008d77

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

oleaut32

comdlg32

user32

ole32

comctl32

version

Sections

.text Size: 49KB - Virtual size: 49KB

.tls Size: 1KB - Virtual size: 93KB

.bss Size: 116KB - Virtual size: 116KB

.text
Size: 49KB - Virtual size: 49KB

.tls
Size: 1KB - Virtual size: 93KB

.bss
Size: 116KB - Virtual size: 116KB