984a073204f8d94a9bc2dbf437e1a36a

Sharing

Copy URL Twitter E-mail

General

Target

984a073204f8d94a9bc2dbf437e1a36a
Size

461KB
MD5

984a073204f8d94a9bc2dbf437e1a36a
SHA1

468486ae65065a6ad1ee69d16cf55657d3b0b8ca
SHA256

f19ebce8fd9aa4fc29edfa7936d9405bb253df57a26985a8336ba25cb5f02821
SHA512

7e49edfa0fd9a73ba307997695fced84b450f874eca0160c78b184c592f976e2e4448fbdaabbdd24c3cbda765f1437fe8d10fe9dd5db1418f4c3fba0a8bf9495
SSDEEP

6144:EbcAnk4tzpIzv+qIbPaEV5imGv4m9dk2N6U64+7W/hMq7OyCEwOEboIY/n+5sig4:EIupccGDs2N6b4rhMq6NOL/YsigCXe0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
984a073204f8d94a9bc2dbf437e1a36a

Files

984a073204f8d94a9bc2dbf437e1a36a
.exe windows:4 windows x86 arch:x86

240f666620d955e253e7fe102a235c8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
CompareStringA
InterlockedIncrement
WritePrivateProfileSectionW
RtlUnwind
GetStdHandle
TryEnterCriticalSection
GetCurrentProcess
GetModuleFileNameW
VirtualAlloc
IsValidLocale
InitializeCriticalSection
HeapReAlloc
GetEnvironmentStringsW
SetCriticalSectionSpinCount
GetEnvironmentStrings
FreeEnvironmentStringsW
IsValidCodePage
GetModuleFileNameA
GetACP
GetStartupInfoW
ExitProcess
GetCommandLineW
GetStartupInfoA
GetTimeFormatA
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetOEMCP
FreeEnvironmentStringsA
GetVersionExA
QueryPerformanceCounter
TlsAlloc
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
EnumSystemLocalesA
HeapAlloc
GetLastError
HeapFree
lstrcpynW
WideCharToMultiByte
GetCurrentProcessId
WriteConsoleInputA
GetStringTypeA
WriteFile
SetHandleCount
GetUserDefaultLCID
EnterCriticalSection
GetCurrentThread
GetStringTypeW
FreeLibrary
TlsSetValue
SetConsoleCtrlHandler
GetThreadPriority
SetCurrentDirectoryW
VirtualFree
UnhandledExceptionFilter
TlsGetValue
SetThreadIdealProcessor
GetLocaleInfoW
LCMapStringW
SetEnvironmentVariableA
GetDiskFreeSpaceW
CompareStringW
GetTimeZoneInformation
GetProcAddress
GetDateFormatA
GetFileType
ReadConsoleOutputA
InterlockedDecrement
InterlockedExchange
HeapCreate
TlsFree
GetLocaleInfoA
VirtualQuery
Sleep
SetLastError
ReadFile
IsDebuggerPresent
GetCurrentThreadId
HeapDestroy
ReleaseMutex
TerminateProcess
GetCommandLineA
HeapSize
FindAtomA
GetModuleHandleA
LCMapStringA
GetProcessHeap

comdlg32

GetFileTitleW
ChooseColorW
ChooseFontW
GetFileTitleA
LoadAlterBitmap
GetOpenFileNameW
PageSetupDlgA
ReplaceTextA
PrintDlgW
PrintDlgA
GetSaveFileNameW
FindTextA
PageSetupDlgW
FindTextW
ReplaceTextW
GetSaveFileNameA
ChooseColorA

shell32

SHAddToRecentDocs
ExtractIconExW
SHGetDataFromIDListA
DragQueryFileW
SHLoadInProc
SHGetFileInfoA
SHGetPathFromIDListA
ExtractAssociatedIconExW

Sections

.text
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

240f666620d955e253e7fe102a235c8f

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

Sections

.text Size: 177KB - Virtual size: 176KB

.data Size: 277KB - Virtual size: 298KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 177KB - Virtual size: 176KB

.data
Size: 277KB - Virtual size: 298KB

.rsrc
Size: 6KB - Virtual size: 5KB