979156ff4cd24d9f9eb87ae806f7fcfe

Sharing

Copy URL Twitter E-mail

General

Target

979156ff4cd24d9f9eb87ae806f7fcfe
Size

254KB
MD5

979156ff4cd24d9f9eb87ae806f7fcfe
SHA1

0ee0c322e64f33f4f998cd7219db7a1bf7d35a33
SHA256

c1b277b4304113db640877ea23f41d91a2dc9d5a0aeb2714c2b384daf6cf0bed
SHA512

f5ce461d08376d09078e481571c26b12ff6c335650f0c11029dfbbdb04dd9e0bd1912c48d60159d49905d19b7d1e5905bd589e558fe61ac6a85a9cb7f49b1de9
SSDEEP

6144:Uhy6QYJTcnMq/13nzZUK/T+GSLkXw5T8yjqW6ccw:CzTC1Xz5/TwkX4TYW/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
979156ff4cd24d9f9eb87ae806f7fcfe

Files

979156ff4cd24d9f9eb87ae806f7fcfe
.exe windows:4 windows x86 arch:x86

1bee9b39314179568540e6aa0b20fe00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ReadFile
LoadResource
GetCPInfo
GetLocaleInfoA
GetFileAttributesA
EnumCalendarInfoA
HeapFree
SetThreadLocale
GlobalAlloc
WriteFile
GetFullPathNameA
GetCurrentThread
SetFilePointer
lstrlenA
GetFileSize
LoadLibraryA
FindClose
LoadLibraryExA
LocalReAlloc
GetUserDefaultLCID
GetCurrentThreadId
lstrcatA
lstrcpynA
GetVersionExA
GetProcessHeap
SetEndOfFile
GetStringTypeA
Sleep
ExitProcess
GetStringTypeW
GetEnvironmentStrings
CreateThread
FormatMessageA
GetModuleHandleA
GetCurrentProcess
GlobalDeleteAtom
ExitThread
MoveFileExA
VirtualAllocEx
FreeLibrary
GetTickCount
GetACP
GetLastError
VirtualAlloc
GetThreadLocale
InitializeCriticalSection
DeleteFileA
GetModuleFileNameA
CompareStringA
WaitForSingleObject
GetFileType
GetSystemDefaultLangID
GetOEMCP
GetLocalTime
GetDiskFreeSpaceA
CloseHandle
lstrcmpiA
FreeResource
GetDateFormatA
CreateEventA
LockResource
RaiseException
SizeofResource
MulDiv
GetStartupInfoA
EnterCriticalSection
LocalAlloc
SetEvent
FindFirstFileA
HeapAlloc
CreateFileA
SetHandleCount
WideCharToMultiByte
GetVersion
GetCommandLineA
SetErrorMode
VirtualQuery
GetProcAddress
DeleteCriticalSection

oleaut32

SysStringLen
VariantChangeType

msvcrt

sqrt
memcpy
swprintf
malloc
calloc

shell32

DragQueryFileA
SHFileOperationA
SHGetFileInfoA
Shell_NotifyIconA
SHGetSpecialFolderLocation

comdlg32

GetFileTitleA
GetOpenFileNameA

user32

GetFocus
GetCursorPos
MessageBoxA
IsWindowVisible
GetCursor

Sections

CODE
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bee9b39314179568540e6aa0b20fe00

Headers

File Characteristics

Imports

kernel32

oleaut32

msvcrt

shell32

comdlg32

user32

Sections

CODE Size: 129KB - Virtual size: 129KB

.data Size: 45KB - Virtual size: 44KB

.edata Size: 20KB - Virtual size: 19KB

.idata Size: 36KB - Virtual size: 35KB

BSS Size: 3KB - Virtual size: 2KB

text Size: 1KB - Virtual size: 1KB

.text Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 24B

.rdata Size: 512B - Virtual size: 171B

.rsrc Size: 17KB - Virtual size: 16KB

CODE
Size: 129KB - Virtual size: 129KB

.data
Size: 45KB - Virtual size: 44KB

.edata
Size: 20KB - Virtual size: 19KB

.idata
Size: 36KB - Virtual size: 35KB

BSS
Size: 3KB - Virtual size: 2KB

text
Size: 1KB - Virtual size: 1KB

.text
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 24B

.rdata
Size: 512B - Virtual size: 171B

.rsrc
Size: 17KB - Virtual size: 16KB