a148e47e28d527034bf97de3ebdb0de5

Sharing

Copy URL Twitter E-mail

General

Target

a148e47e28d527034bf97de3ebdb0de5
Size

162KB
MD5

a148e47e28d527034bf97de3ebdb0de5
SHA1

5f3482a7d37bc12cf9ca2ee9de772d3307adfa13
SHA256

cb5d1e1341c7622e9741daf9a2cf297da8bed8b9278892dbcec3edc1db81a01c
SHA512

fc026061f23d3e7e49a5ff4ccfd5b63b26f50fa5adc5024dbc5c97c2a9b222cad99ee65e1abce8e0aac72538c17846ed7b26bc564c5b762725437c8678d65fa2
SSDEEP

3072:iCYYHnREh0ip6yeuOY/2QQ8hgzUzA5yA4DTnWsVKtht1EbKPdR6m:iCFxEh0Se82R8hgIA543VVKtht1EbKl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a148e47e28d527034bf97de3ebdb0de5

Files

a148e47e28d527034bf97de3ebdb0de5
.exe windows:4 windows x86 arch:x86

ea21e81a824e20bb96f741e5d7629791

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InflateRect
EqualRect
GetCursorPos
GetKeyboardLayoutList
CharUpperBuffA
ShowScrollBar
SetScrollRange
GetKeyboardType
FrameRect
DrawIconEx
DestroyCursor
GetWindowTextA
SetCursor
GetPropA
SetMenu
SystemParametersInfoA
OffsetRect
GetParent
DefMDIChildProcA
GetActiveWindow
GetSysColorBrush
GetClassNameA
CharToOemA
DestroyIcon
ReleaseDC
DrawMenuBar
IsDialogMessageA
DrawTextA
GetClientRect
GetWindowPlacement
GetMenuStringA
DefFrameProcA
CharNextW
GetScrollRange
SetClipboardData
SetWindowTextA

oleaut32

GetErrorInfo
VariantCopyInd
SafeArrayGetUBound
SafeArrayUnaccessData
RegisterTypeLib
SysStringLen
SafeArrayGetElement

msvcrt

sin
swprintf
sqrt
tan
srand
memmove
strcmp
exit
mbstowcs

advapi32

GetUserNameA
RegQueryValueA

version

VerQueryValueA
VerInstallFileA

comdlg32

GetOpenFileNameA
GetFileTitleA

kernel32

GetProcessHeap
FormatMessageA
GetModuleHandleA
HeapAlloc
GlobalFindAtomA
SetHandleCount
lstrcpynA
CreateFileA
HeapDestroy
LoadResource
LocalAlloc
LocalReAlloc
WriteFile
GetACP
lstrcmpiA
GetCurrentThread
VirtualQuery
LocalFree
GlobalDeleteAtom
lstrcatA
GetProcAddress
CloseHandle
GetCurrentProcess
GetSystemDefaultLangID
DeleteCriticalSection
GetVersionExA
InitializeCriticalSection
GetUserDefaultLCID
GetStdHandle
FindFirstFileA
GetFileAttributesA
GetFileType
GetLastError
LoadLibraryA
GetFullPathNameA
SizeofResource
LoadLibraryExA
SetFilePointer
GetStringTypeA
ExitThread
GetLocalTime
MoveFileA
GetCurrentThreadId
VirtualAllocEx
WaitForSingleObject
GlobalAddAtomA
MoveFileExA
FindClose

comctl32

ImageList_Destroy
ImageList_Draw
ImageList_Write
ImageList_GetBkColor
ImageList_Create
ImageList_DrawEx

gdi32

RestoreDC
SetBkColor
LineTo
CreateBrushIndirect
GetPaletteEntries
GetPixel

Sections

CODE
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ea21e81a824e20bb96f741e5d7629791

Headers

File Characteristics

Imports

user32

oleaut32

msvcrt

advapi32

version

comdlg32

kernel32

comctl32

gdi32

Sections

CODE Size: 28KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 92KB

DATA Size: 132KB - Virtual size: 131KB

CODE
Size: 28KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 92KB

DATA
Size: 132KB - Virtual size: 131KB