a1669c04322b161f7cc464fcae404d31

Sharing

Copy URL Twitter E-mail

General

Target

a1669c04322b161f7cc464fcae404d31
Size

161KB
MD5

a1669c04322b161f7cc464fcae404d31
SHA1

f7a306a7c272f4fb6520fea3141db1f24535b0ae
SHA256

79fd96ed01d293c72554f084b4b60aca38068a27f1a43e90b5f842fdab6949d4
SHA512

de68d74ff90040dae92c838aacfa41b13c9de78b9c0872f8777058b674379b134b088eb184c7a8dcd529c436ad245aa0b4c4d68249ac8f86a89d81e298272a40
SSDEEP

3072:qgtDa5rMUeSHcWtbS2Lj1d8CoCbwNNlgIuUO/nVInEPdeSA:qgtDCeSHc2LkCoCbANlsC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1669c04322b161f7cc464fcae404d31

Files

a1669c04322b161f7cc464fcae404d31
.exe windows:4 windows x86 arch:x86

56e6c3985ebdbad1a07e2995414d3520

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

ReleaseStgMedium
StgOpenStorage
CoGetMalloc
CoTaskMemFree
CoRegisterClassObject
CoFreeUnusedLibraries
PropVariantClear

version

GetFileVersionInfoA
VerFindFileA

kernel32

GetFullPathNameA
GetCurrentProcess
VirtualAlloc
GetModuleHandleA
LocalAlloc
GetCommandLineA
ExitThread
GetVersionExA
FreeResource
GetEnvironmentStrings
GetLastError
GetOEMCP
GetProcAddress
WaitForSingleObject
CreateFileA
GetCurrentThread
CreateThread
ExitProcess

gdi32

RestoreDC
GetDIBits
GetDCOrgEx
CreateBrushIndirect

shell32

SHGetFileInfoA
SHGetFolderPathA
Shell_NotifyIconA

user32

IsIconic
GetWindowThreadProcessId
SetForegroundWindow
EnableScrollBar
DestroyMenu
GetWindowLongW
GetWindowLongA
DestroyCursor
LoadKeyboardLayoutA
GetFocus
EmptyClipboard
SendMessageA
IsDialogMessageA
ReleaseCapture
IsWindowEnabled
CreateMenu
SetScrollRange
GetCursor
InsertMenuItemA
CharNextW
GetWindow
IsZoomed
GetMenu
GetMenuState
GetDCEx
GetScrollInfo
CreatePopupMenu
OpenClipboard

comdlg32

FindTextA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

comctl32

ImageList_Destroy
ImageList_Remove
ImageList_Create
ImageList_DrawEx
ImageList_Add

oleaut32

VariantChangeType
VariantCopyInd

Sections

CODE
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56e6c3985ebdbad1a07e2995414d3520

Headers

File Characteristics

Imports

ole32

version

kernel32

gdi32

shell32

user32

comdlg32

comctl32

oleaut32

Sections

CODE Size: 16KB - Virtual size: 15KB

.data Size: 128KB - Virtual size: 263KB

DATA Size: 4KB - Virtual size: 4KB

.rdata Size: 12KB - Virtual size: 11KB

CODE
Size: 16KB - Virtual size: 15KB

.data
Size: 128KB - Virtual size: 263KB

DATA
Size: 4KB - Virtual size: 4KB

.rdata
Size: 12KB - Virtual size: 11KB