993740d7cd28d84caaed6bcda047a890

Sharing

Copy URL

Twitter E-mail

General

Target

993740d7cd28d84caaed6bcda047a890
Size

114KB
MD5

993740d7cd28d84caaed6bcda047a890
SHA1

a1b0fe38a516b52488f74dbb85202f86514decc1
SHA256

5b9204c384ec6064f6f3e2d6e364920f55a0b6a43a098feec0c45f357047a5cc
SHA512

4b59e717f5f165e8850afc28f705660f8d1a285a538dc41beea179b376b83d0c9cb13171f023788d3d05f6baf39ceb146a5f03e119fb627cae00edcca491e4d2
SSDEEP

3072:+WAp7+630lK9yi2p+lusYr25dtz1ETB3T:SPAog2l5dpi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
993740d7cd28d84caaed6bcda047a890

Files

993740d7cd28d84caaed6bcda047a890
.exe windows:5 windows x86 arch:x86

7b94874226235aa4559195a8599495c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
GetModuleHandleA
GlobalReAlloc
GetLocalTime
VirtualProtect
GetVersionExW
GetCPInfo
SystemTimeToFileTime
lstrcatA

msvcrt

_acmdln
__getmainargs
_get_osfhandle
log
_initterm
_except_handler3
_ismbblead
puts
_kbhit
_mbsrchr
localtime
__setusermatherr
rename
floor
__p__commode
_adjust_fdiv
_filbuf
exit
strspn
__CxxFrameHandler
__p__fmode
_XcptFilter
__set_app_type
sscanf

user32

SetForegroundWindow
GetMessagePos
DrawFrameControl
SetScrollPos
UpdateWindow
RegisterClassA
DrawTextA

ole32

CoRegisterClassObject
StgCreateDocfileOnILockBytes
RegisterDragDrop
CoGetClassObject
CoInitialize
StringFromIID
RevokeDragDrop
CoSetProxyBlanket
CoTaskMemAlloc
ReleaseStgMedium
CLSIDFromProgID
CreateItemMoniker
StgOpenStorageOnILockBytes

shell32

ExtractAssociatedIconW
ShellExecuteEx
SHGetDesktopFolder
SHChangeNotify
SHGetSpecialFolderPathA
SHBrowseForFolderW
SHBrowseForFolder
SHGetPathFromIDList
ShellExecuteA
SHGetFolderLocation
ShellExecuteExA
SHGetSettings

comctl32

ImageList_Draw
ImageList_GetIconSize
ImageList_GetBkColor
ImageList_DragEnter
ImageList_SetOverlayImage
ImageList_LoadImageA
ImageList_ReplaceIcon
ImageList_EndDrag
InitCommonControls
ImageList_GetImageInfo

oleaut32

SysStringByteLen
SafeArrayRedim
SetErrorInfo
SysReAllocStringLen
VariantClear

version

VerLanguageNameA
GetFileVersionInfoA
VerQueryValueW
VerQueryValueA
VerFindFileW
GetFileVersionInfoW

advapi32

CryptDestroyHash
InitiateSystemShutdownA
RegSetValueExA
RegDeleteValueA
OpenServiceW
RegEnumKeyW
RegOpenKeyExA

gdi32

SaveDC
CreatePen
LineTo
BeginPath
EnumFontFamiliesW
ExtCreatePen
GetObjectW
CreateDCW
DeleteObject
SetTextAlign
RectInRegion

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b94874226235aa4559195a8599495c1

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

shell32

comctl32

oleaut32

version

advapi32

gdi32

Sections

.text Size: 54KB - Virtual size: 54KB

.data Size: 41KB - Virtual size: 41KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 54KB - Virtual size: 54KB

.data
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 17KB - Virtual size: 17KB