988b0ed25ef41903cab07118af97bf31

Sharing

Copy URL

Twitter E-mail

General

Target

988b0ed25ef41903cab07118af97bf31
Size

538KB
MD5

988b0ed25ef41903cab07118af97bf31
SHA1

381433c617b6de8ba6457e5d83db1875563ea63d
SHA256

ed6f78d72b3cd093bdcaf4c250c5954192222277480a266b646a0403185ea271
SHA512

a4720bdb22e62cffa191545157e6ac38907d820f0628b89b620d2bde3292803aa4b27446e87a3bfc297818eed3b54c3210e331004bc6b69a5d0afc5839527b37
SSDEEP

6144:4OK+eRfe8baNOb1hsor/4+n7v+v2wiawRfRyvfS6JZtS0vESthL6yvW9ldtNBOzn:RCvsw/hw1C6aYtvEKhQQxfNR1RIa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
988b0ed25ef41903cab07118af97bf31

Files

988b0ed25ef41903cab07118af97bf31
.exe windows:4 windows x86 arch:x86

469cc568291ba8fb47bf7d8ce4691678

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW
GetOpenFileNameA
GetOpenFileNameW
ChooseFontW

user32

SystemParametersInfoW
OpenDesktopA
GetSubMenu
DdeQueryStringA
MoveWindow
UnionRect
EnumDesktopsA
RegisterClassA
GetSystemMenu
GrayStringW
MapVirtualKeyA
SetMenuItemBitmaps
SetClipboardData
RegisterClassExA
BringWindowToTop
GetInputDesktop
GetTabbedTextExtentA

shell32

SHBrowseForFolder
FindExecutableA

comctl32

InitCommonControlsEx

kernel32

HeapFree
VirtualFree
GetStringTypeA
LoadLibraryA
IsValidCodePage
GetModuleHandleA
GetCPInfo
TlsSetValue
OpenFile
GetUserDefaultLCID
InterlockedIncrement
CompareStringA
LCMapStringW
SetEnvironmentVariableA
MultiByteToWideChar
GetConsoleOutputCP
InitializeCriticalSection
HeapReAlloc
GetVersionExA
TlsGetValue
WriteConsoleA
GetCommandLineA
TerminateProcess
GetStartupInfoA
WideCharToMultiByte
GetProcAddress
GetStringTypeW
QueryPerformanceCounter
GetFileType
OpenMutexA
GetEnvironmentStrings
DeleteCriticalSection
GetOEMCP
WriteConsoleW
GetLastError
GetConsoleMode
GetTickCount
GetCurrentProcess
GetSystemTimeAsFileTime
LCMapStringA
HeapDestroy
GetLocaleInfoW
FreeLibrary
VirtualAlloc
TlsAlloc
IsDebuggerPresent
GetTimeFormatA
CompareStringW
GetStdHandle
SetStdHandle
Sleep
EnterCriticalSection
SetHandleCount
GetCurrentProcessId
SetConsoleCtrlHandler
ExitProcess
SetUnhandledExceptionFilter
CloseHandle
HeapSize
GetProcessHeap
IsValidLocale
InterlockedDecrement
GetCurrentThreadId
GetTimeZoneInformation
GetCurrentThread
WriteFile
GetModuleFileNameA
InterlockedExchange
FlushFileBuffers
FreeEnvironmentStringsW
VirtualQuery
LeaveCriticalSection
GetACP
HeapAlloc
GetLocaleInfoA
HeapCreate
GetEnvironmentStringsW
UnhandledExceptionFilter
CreateMutexA
CreateFileA
GetDateFormatA
RtlUnwind
FreeEnvironmentStringsA
SetLastError
SetFilePointer
ReadFile
EnumSystemLocalesA
TlsFree
GetConsoleCP

gdi32

SetTextColor
GetCharABCWidthsFloatW
TranslateCharsetInfo
CreateEllipticRgnIndirect
GetStretchBltMode
GetOutlineTextMetricsA
RealizePalette
PolyPolygon
PolyDraw
GetTextCharsetInfo
WidenPath
GetLayout
IntersectClipRect

Sections

.text
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

469cc568291ba8fb47bf7d8ce4691678

Headers

File Characteristics

Imports

comdlg32

user32

shell32

comctl32

kernel32

gdi32

Sections

.text Size: 204KB - Virtual size: 204KB

.rdata Size: 10KB - Virtual size: 26KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 204KB - Virtual size: 204KB

.rdata
Size: 10KB - Virtual size: 26KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 6KB - Virtual size: 5KB