a243333b7f004d102a5252a99a3573fd

Sharing

Copy URL

Twitter E-mail

General

Target

a243333b7f004d102a5252a99a3573fd
Size

90KB
MD5

a243333b7f004d102a5252a99a3573fd
SHA1

9e3fe6f888cd4f9b78302d2cd23d88c0a252f4ca
SHA256

47f621b864a12b4fff92fe1b0dfe64a440f65f1fb20873f016c865309f3d7f9f
SHA512

e0e35bd8b9d8bd6e70366a790a7476f7cf08388132149150d35e329615e8186b01ea12bbfd87f230ec2a47398514296521ba2c9a061abc2d0b90b533949f55e0
SSDEEP

1536:J1bbuiu5blrQs0+YIheesvau/QF5kopoQZlq5wgdajChJdLIpZuIY:/Exz0hIheeSTQFuopo+s5UCbaZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a243333b7f004d102a5252a99a3573fd

Files

a243333b7f004d102a5252a99a3573fd
.exe windows:4 windows x86 arch:x86

40ddfe1e70319397af8f53fdcdd62379

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragMove
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_Copy
InitCommonControls
ImageList_Merge
ImageList_DrawIndirect
ImageList_AddIcon
ImageList_GetImageCount
ImageList_Remove
ImageList_GetImageRect
ImageList_Destroy
ImageList_DragEnter
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_Read
ImageList_LoadImageW
ImageList_GetImageInfo
ImageList_LoadImageA

user32

IsWindow
GetCursor
BlockInput
GetFocus
LoadCursorA
CopyImage
CloseWindow
GetWindowTextLengthA
DrawTextA
GetDC
DialogBoxParamA
GetMenu
CreateIcon
InsertMenuA
AppendMenuW
GetDlgItem
GetWindowTextA
LoadMenuA
DrawTextW
IsWindow
GetDC
AlignRects
AppendMenuA
DrawIcon
CalcMenuBar
CreateIcon
LoadMenuA
IsMenu
DrawTextW
AppendMenuW
GetDlgItem
DrawTextA
CloseWindow
CopyImage
BlockInput
GetFocus
DialogBoxParamW
DialogBoxParamA

kernel32

lstrcpynA
GetDateFormatA
lstrcmpiA
GetModuleHandleA
lstrcmpA
GlobalFree
GlobalAlloc
CloseHandle
lstrlenA
lstrcpyA
lstrcatA
GetCommandLineA
GetFileSize
GetStdHandle
GetStringTypeW
Sleep
GetFileAttributesA
SetLastError

advapi32

RegOpenKeyA
RegEnumKeyExW
RegCreateKeyExA
RegEnumValueA
RegCreateKeyW
RegQueryInfoKeyW
RegDeleteValueW
RegQueryValueA
RegOpenKeyExW
RegDeleteValueA
RegQueryValueExA
RegQueryValueExW
RegQueryValueW
RegEnumValueW
RegDeleteKeyW
RegFlushKey
RegLoadKeyA
RegGetKeySecurity

Sections

.wplVBS
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.iRCPaf
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.egvoGW
Size: 1024B - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oiSMrd
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40ddfe1e70319397af8f53fdcdd62379

Headers

File Characteristics

Imports

comctl32

user32

kernel32

advapi32

Sections

.wplVBS Size: 14KB - Virtual size: 14KB

.iRCPaf Size: 69KB - Virtual size: 68KB

.egvoGW Size: 1024B - Virtual size: 102KB

.oiSMrd Size: 1KB - Virtual size: 1KB

.wplVBS
Size: 14KB - Virtual size: 14KB

.iRCPaf
Size: 69KB - Virtual size: 68KB

.egvoGW
Size: 1024B - Virtual size: 102KB

.oiSMrd
Size: 1KB - Virtual size: 1KB