95f321b0718a927e8c90d4561809a3b4

Sharing

Copy URL

Twitter E-mail

General

Target

95f321b0718a927e8c90d4561809a3b4
Size

237KB
MD5

95f321b0718a927e8c90d4561809a3b4
SHA1

1e51c6ee16d343f6a660465863daea5c78ce8d73
SHA256

a1ddf369afeb3cbd2176905120cfed60b9a9b7eeab8c6eb32eea01a025997cec
SHA512

d3bc62881d696488ebfe54a2ca9fb91c32a90418ff42ec8d1fd8ef32d8fefe119b49be62a6d5d8073371d32cbc3f570053913d2998ec1f111be8fa9d881a1db2
SSDEEP

6144:cY+xFJzkjZNbclRohMeqCuWzqryq+KWnXNK9A:sF6ZJclDOlzqeq+KWdp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95f321b0718a927e8c90d4561809a3b4

Files

95f321b0718a927e8c90d4561809a3b4
.exe windows:4 windows x86 arch:x86

9118b88897ce5266c1ec0a9c1b109ae5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
strcpy
strlen
strcat
strncpy
ceil
floor
memcpy
fopen
fseek
fclose
sprintf
strncmp

user32

EnableWindow
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
UnregisterClassA
DefWindowProcA
LoadCursorA
RegisterClassExA
IsWindowEnabled
GetSystemMetrics
CreateWindowExA
SetWindowLongA
SendMessageA
SetFocus
CreateAcceleratorTableA
SetForegroundWindow
BringWindowToTop
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetMessageA
DestroyAcceleratorTable
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
GetForegroundWindow
EnumWindows
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource
GetIconInfo
GetSysColor
GetSysColorBrush
PostMessageA
CallWindowProcA
GetWindowRect
ScreenToClient
RedrawWindow
SetWindowPos
InvalidateRect
UpdateWindow
BeginPaint
DrawStateA
EndPaint
ValidateRect
RemovePropA
SetPropA
GetParent
GetPropA
GetWindow
SetActiveWindow
LoadIconA
RegisterClassA
AdjustWindowRect
GetActiveWindow
ShowWindow
IsZoomed
PeekMessageA
MsgWaitForMultipleObjects
SetWindowTextA
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
GetKeyState
SetCapture
GetCursorPos
MapWindowPoints
ReleaseCapture
MoveWindow
GetClientRect
FillRect
GetFocus
IsChild
EnumChildWindows
GetClassNameA

gdi32

GetStockObject
GetObjectType
DeleteObject
CreateCompatibleDC
SetDIBits
DeleteDC
GetObjectA
CreateDCA
CreateCompatibleBitmap
CreateDIBSection
SetTextColor
SetBkColor
CreateSolidBrush

comdlg32

GetSaveFileNameA
GetOpenFileNameA

comctl32

InitCommonControls
InitCommonControlsEx

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentThreadId
GetCurrentProcessId
InitializeCriticalSection
GetCurrentProcess
DuplicateHandle
CloseHandle
CreatePipe
GetStdHandle
CreateProcessA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
GetTickCount
GlobalAlloc
GlobalFree
GetDriveTypeA
FindFirstFileA
FindClose
CopyFileA
DeleteFileA
WriteFile
CreateFileA
ReadFile
SetFilePointer

shell32

ShellExecuteExA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 11B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.flat
Size: 512B - Virtual size: 487B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9118b88897ce5266c1ec0a9c1b109ae5

Headers

File Characteristics

Imports

crtdll

user32

gdi32

comdlg32

comctl32

kernel32

shell32

Sections

.code Size: 4KB - Virtual size: 4KB

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 512B - Virtual size: 11B

.data Size: 207KB - Virtual size: 218KB

.rsrc Size: 1024B - Virtual size: 736B

.flat Size: 512B - Virtual size: 487B

.code
Size: 4KB - Virtual size: 4KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 512B - Virtual size: 11B

.data
Size: 207KB - Virtual size: 218KB

.rsrc
Size: 1024B - Virtual size: 736B

.flat
Size: 512B - Virtual size: 487B