97cfca0134b7527fd1ee784fb1cae5a0

Sharing

Copy URL Twitter E-mail

General

Target

97cfca0134b7527fd1ee784fb1cae5a0
Size

205KB
MD5

97cfca0134b7527fd1ee784fb1cae5a0
SHA1

fa91902fd7a49a27258515c5dc1d9e1b9063d9d8
SHA256

cb612c52b5541accae36d38bd9cca083eb6dae0cae026fdc1e5146386c88df25
SHA512

c73f764d135e13aeab152d331c4697533aa8098097222bfd1918c1bb9b56372c47ae965d9e71f2746f923dedf92ed6edc93e4208ff0d15bae0840568059772ab
SSDEEP

3072:bYTQkMiHb3yTvWBPWCb80VgFOZ0GNLpmi0gHQBmLQ5zKG2UTyem0iLPT/obpSaZg:EyO3BPW0V/IgHQBmLoOGRv5i3US

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97cfca0134b7527fd1ee784fb1cae5a0

Files

97cfca0134b7527fd1ee784fb1cae5a0
.dll windows:4 windows x86 arch:x86

6c628287a7b4b73148128f1347021149

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetMenuStringA
wsprintfA
GetClassNameA
MapVirtualKeyA
SetActiveWindow
GetMenuItemID
SetParent
IsZoomed
RedrawWindow
ActivateKeyboardLayout
DrawEdge
GetSysColor
AdjustWindowRectEx
GetActiveWindow
DrawIcon
SetScrollPos
LoadKeyboardLayoutA
DrawMenuBar
DefFrameProcA
CallNextHookEx
DestroyWindow
GetKeyboardState
GetKeyNameTextA
PeekMessageW
MsgWaitForMultipleObjects
PostQuitMessage
ShowWindow
EnableWindow
InsertMenuItemA
ClientToScreen
DrawIconEx
SetCursor

gdi32

GetDCOrgEx
CreatePalette
GetCurrentPositionEx

shell32

SHGetDiskFreeSpaceA
SHGetFolderPathA
SHGetFileInfoA

advapi32

RegDeleteKeyA
RegOpenKeyA

ole32

CoTaskMemFree
StringFromIID
WriteClassStm
ReleaseStgMedium
StgCreateDocfileOnILockBytes
OleRegGetUserType
CoUninitialize
CLSIDFromString

kernel32

InitializeCriticalSection
GetCurrentThread
FindClose
GetDateFormatA
GetVersion
LoadLibraryExA
RaiseException
LockResource
VirtualFree
SetEndOfFile
SetLastError
VirtualAllocEx
GetLastError
FindResourceA
DeleteFileA
LocalAlloc
GetEnvironmentStrings
ResetEvent
ExitProcess
WaitForSingleObject
CloseHandle
ExitThread
GetModuleFileNameA
GetModuleHandleA
lstrcpyA
HeapFree
LoadResource
GetCommandLineA
lstrlenA
DeleteCriticalSection
GetProcessHeap
WriteFile
lstrcmpiA
GetStringTypeA
FreeLibrary
EnterCriticalSection
GetDiskFreeSpaceA
GetVersionExA
GetCPInfo
GetLocalTime
GetStdHandle
LoadLibraryA
MoveFileExA

oleaut32

SafeArrayGetUBound
RegisterTypeLib
VariantCopyInd
OleLoadPicture
SysStringLen
SysAllocStringLen
SysReAllocStringLen
GetErrorInfo
SafeArrayUnaccessData
VariantChangeType

msvcrt

wcscspn
memcmp
tan
log10
pow
sprintf
memcpy
strcmp

comctl32

ImageList_Read
ImageList_DragShowNolock
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_Create

Sections

CODE
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 315B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c628287a7b4b73148128f1347021149

Headers

File Characteristics

Imports

user32

gdi32

shell32

advapi32

ole32

kernel32

oleaut32

msvcrt

comctl32

Sections

CODE Size: 28KB - Virtual size: 27KB

.data Size: 1024B - Virtual size: 112KB

.bss Size: 174KB - Virtual size: 173KB

.tls Size: 512B - Virtual size: 315B

.reloc Size: 512B - Virtual size: 52B

CODE
Size: 28KB - Virtual size: 27KB

.data
Size: 1024B - Virtual size: 112KB

.bss
Size: 174KB - Virtual size: 173KB

.tls
Size: 512B - Virtual size: 315B

.reloc
Size: 512B - Virtual size: 52B