96a545e9c70029b56062d5007e69e0b4

Sharing

Copy URL Twitter E-mail

General

Target

96a545e9c70029b56062d5007e69e0b4
Size

140KB
MD5

96a545e9c70029b56062d5007e69e0b4
SHA1

d283b43a0f985adcec0055a48b6d97e6f56bb3d4
SHA256

570bde60d7fa5c25d805b52c75ecd532099bc35fe536204ed77d33a76a7de357
SHA512

74ee929a243e57016cee5920aa81fc4952737172cee28530b7625dd6550c3d66362ee9342eb387e92a2829d726e75b43a4e96251d4ddfd6da2431379f1e89b3b
SSDEEP

3072:FEs/iBePuhH5V/eTWGIAHLAArtgVkoI/L/dQv:FPqr2TWGITAjm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96a545e9c70029b56062d5007e69e0b4

Files

96a545e9c70029b56062d5007e69e0b4
.exe windows:5 windows x86 arch:x86

8b4eeebf1d97c18d6d2f797fb4a3b6f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
VirtualProtect
MulDiv
DeleteFileA
GetSystemDirectoryA
EnumCalendarInfoA
VirtualAlloc
GetSystemInfo
GetModuleHandleA
GlobalReAlloc
OpenProcess
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetTempPathW
FlushFileBuffers

user32

GetWindowPlacement
GetWindowTextA
DrawMenuBar
LoadCursorA
SetWindowPos
DispatchMessageA
GetWindowLongA

msvcrt

log10
__set_app_type
_initterm
toupper
wctomb
_adjust_fdiv
__p__fmode
__setusermatherr
_XcptFilter
_dup2
_except_handler3
_acmdln
exit
strtok
__lc_codepage
__getmainargs
__p__commode

shell32

ExtractAssociatedIconW
SHGetPathFromIDListA
ExtractIconW
DragQueryFile
ShellExecuteEx
ShellExecuteExA
Shell_NotifyIconA
ShellExecuteA
DragAcceptFiles
ExtractIconExA
SHGetFileInfoA

ole32

CoDisconnectObject
RevokeDragDrop
CreateStreamOnHGlobal
GetRunningObjectTable
CoTaskMemFree
CLSIDFromProgID
CoTaskMemRealloc
CLSIDFromString
CoInitialize

advapi32

RegEnumKeyW
RegSetValueExW
RegCreateKeyA
RegEnumKeyExW
QueryServiceStatus
RegDeleteKeyW
LookupPrivilegeValueA

oleaut32

GetErrorInfo
SysFreeString
SysStringLen
VariantInit
GetActiveObject
VariantCopy

version

VerLanguageNameA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerInstallFileA
VerInstallFileW
VerQueryValueW

comctl32

CreateStatusWindowA
ImageList_SetBkColor
ImageList_Remove
ImageList_GetImageInfo
ImageList_SetIconSize
DestroyPropertySheetPage
ImageList_EndDrag
ImageList_Draw
InitializeFlatSB
ImageList_DragShowNolock
ImageList_Read

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b4eeebf1d97c18d6d2f797fb4a3b6f6

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

shell32

ole32

advapi32

oleaut32

version

comctl32

Sections

.text Size: 92KB - Virtual size: 92KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 92KB - Virtual size: 92KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 31KB - Virtual size: 30KB