97efc58209b035f6ea4ec3d90bd9b123

Sharing

Copy URL Twitter E-mail

General

Target

97efc58209b035f6ea4ec3d90bd9b123
Size

164KB
MD5

97efc58209b035f6ea4ec3d90bd9b123
SHA1

be293a44e90df9833e5bff0389219bada01bb549
SHA256

2e7b3b80c9c408694d9eefa21bde955f21c62f4fcb19c092c07f7f5fef022cba
SHA512

cf58c142e9c29a8c41a59aced5786da8570004700895a86ff0dce1517ae2dfd0167a2e73b233f58ca5dcfa73ebe6a213c89498e1b0c14fc445ba4973482c5315
SSDEEP

3072:Hpa7HRJ7dzHmSlGXZA/ziTRxLHf8GBnn8/tL3RTaBQ4F9c3ZXWxqJFlA:H87RVlHbOA/ziT/n817RTqHF9clNA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97efc58209b035f6ea4ec3d90bd9b123

Files

97efc58209b035f6ea4ec3d90bd9b123
.exe windows:5 windows x86 arch:x86

0870e672b3623033bd04479125c92b2f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\vMyifiKvduraRx\jtKygvmmglavw\PAwizHjrlgjq.pdb

Imports

gdi32

ExtTextOutA
CreateFontA
EndPage
CreateBrushIndirect
SetViewportOrgEx
CreatePalette
ExtFloodFill
CreateHalftonePalette
GetTextAlign
CombineRgn
GetStockObject
CreateFontW
BitBlt

kernel32

QueryDosDeviceW
OpenFileMappingA
GetFullPathNameA
LockFile
lstrcatA
SetHandleInformation
GetTickCount
GetModuleHandleA
TransactNamedPipe
lstrcmpiW
FileTimeToSystemTime
TlsGetValue
UnhandledExceptionFilter
Sleep
GetDateFormatA
GetModuleFileNameA
lstrcpyA
SuspendThread
PeekConsoleInputA

user32

AttachThreadInput
DeferWindowPos
PostThreadMessageA
wvsprintfA
CallWindowProcW
PostThreadMessageW
GetKeyboardLayoutList
GetClassLongA
IsWindow
DefWindowProcW
GetClipCursor
RegisterClassExW
GetWindow
VkKeyScanW
CharLowerBuffA
keybd_event
CharNextExA
DispatchMessageA
GetClassInfoExA
DrawIconEx
GetClassNameW
InvalidateRect
ShowWindowAsync
OpenIcon
RemoveMenu
GetWindowLongW
GetDlgItemTextA
SystemParametersInfoA
CascadeWindows

msvcrt

exit

shlwapi

StrStrIA
StrTrimA
PathRelativePathToW

Exports

Exports

?g_ocv_qURI@@UGPADPAJ@Z

Sections

.text
Size: 141KB - Virtual size: 415KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 253B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.form1
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.form2
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.form3
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.form4
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.info
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0870e672b3623033bd04479125c92b2f

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 141KB - Virtual size: 415KB

.edata Size: 512B - Virtual size: 253B

.data Size: 3KB - Virtual size: 2KB

.form1 Size: 512B - Virtual size: 424B

.form2 Size: 2KB - Virtual size: 1KB

.form3 Size: 512B - Virtual size: 320B

.form4 Size: 512B - Virtual size: 404B

.info Size: 13KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 141KB - Virtual size: 415KB

.edata
Size: 512B - Virtual size: 253B

.data
Size: 3KB - Virtual size: 2KB

.form1
Size: 512B - Virtual size: 424B

.form2
Size: 2KB - Virtual size: 1KB

.form3
Size: 512B - Virtual size: 320B

.form4
Size: 512B - Virtual size: 404B

.info
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB