a291b4571f1ca8876315a8ba51b491a5

Sharing

Copy URL Twitter E-mail

General

Target

a291b4571f1ca8876315a8ba51b491a5
Size

552KB
MD5

a291b4571f1ca8876315a8ba51b491a5
SHA1

b38e39b3d5e5649afce048a2507fb81fc68ba084
SHA256

5d2295fee6a758800261dda5dfd90b96db231364f4185590981416363e3cdfb1
SHA512

aa4cbd41bfe7e98f9e7172f3b273772351987a0360c0d2718e6ebaa92cf604ff624f10ff0c899947d5e670b00249c56724229ff4401ac867caafb9ff7be942cd
SSDEEP

12288:wx1sAtGpIdcWPbcpXu3xHEasLkj5Pwp45Cm7obW0N/ex+l:wx1sAQpIqWPbueVEVAt4u5v7ob5/ex+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a291b4571f1ca8876315a8ba51b491a5

Files

a291b4571f1ca8876315a8ba51b491a5
.exe windows:4 windows x86 arch:x86

0b57143e4fc770f6328e6130d0547d89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\lgvgieov.pdb

Imports

user32

GetGUIThreadInfo
VkKeyScanW
InSendMessageEx
EnumDesktopsA
GetProcessWindowStation
GetClassNameA
MenuItemFromPoint
RedrawWindow
CreateWindowStationA
DefMDIChildProcA
FreeDDElParam
RegisterClassExA
PackDDElParam
UnpackDDElParam
CheckMenuRadioItem
SetThreadDesktop
InsertMenuW
GetClipboardSequenceNumber
ActivateKeyboardLayout
CreateDialogParamA
EnumDisplaySettingsExW
BringWindowToTop
CheckDlgButton
GetDlgItemTextW
LoadMenuIndirectA
CopyImage
CallWindowProcA
EnumDisplaySettingsA
EnumWindowStationsA
CharPrevW
DdeSetQualityOfService
GetUpdateRect
LoadCursorFromFileW
DdeInitializeA
CharLowerW
MapVirtualKeyExW
MapVirtualKeyA
InflateRect
MonitorFromWindow
SetScrollPos
SendIMEMessageExA
TranslateAccelerator
SendNotifyMessageA
DrawIcon
CreateIconFromResourceEx
DlgDirListA
EnumDisplaySettingsExA
DdeKeepStringHandle
RegisterClassA
GetClassInfoW

comctl32

ImageList_Destroy
ImageList_ReplaceIcon
DrawStatusText
ImageList_SetBkColor
ImageList_GetIcon
ImageList_Create
ImageList_GetBkColor
ImageList_GetImageCount
CreateStatusWindowW
ImageList_Replace
InitCommonControlsEx
CreateToolbarEx
ImageList_SetImageCount
ImageList_GetIconSize
DrawStatusTextW
ImageList_DragMove
ImageList_AddIcon
_TrackMouseEvent
ImageList_LoadImageA
ImageList_Remove
InitMUILanguage

gdi32

GetMetaFileW
GetCharWidthFloatW
CreateDIBPatternBrush
LineDDA

kernel32

GetTickCount
GetConsoleScreenBufferInfo
GetStartupInfoA
GetStringTypeA
EnterCriticalSection
HeapAlloc
GetVersion
HeapReAlloc
ReadFile
GetEnvironmentStringsW
SetConsoleScreenBufferSize
InterlockedDecrement
InterlockedIncrement
TlsSetValue
GetLogicalDrives
HeapDestroy
FindNextFileA
GetSystemTime
GetStdHandle
TlsAlloc
GetSystemTimeAsFileTime
GetCommandLineA
CompareStringW
GetShortPathNameW
SetStdHandle
InterlockedExchange
LCMapStringW
ExitProcess
WriteFile
WideCharToMultiByte
GetEnvironmentStrings
GetSystemDirectoryW
CreateMutexA
SetHandleCount
FlushViewOfFile
TlsFree
GetOEMCP
GetCurrentThreadId
WriteConsoleInputA
GetModuleFileNameA
GetCurrentProcessId
InitializeCriticalSection
LoadLibraryA
OpenProcess
GlobalLock
IsBadWritePtr
FreeEnvironmentStringsW
FlushFileBuffers
QueryPerformanceCounter
SetSystemTime
SetEnvironmentVariableA
FreeEnvironmentStringsA
HeapFree
CompareStringA
LeaveCriticalSection
GetACP
GetCurrentProcess
MultiByteToWideChar
ExitThread
DeleteCriticalSection
CommConfigDialogA
GetCurrentThread
GetLastError
TerminateProcess
VirtualAlloc
GetProcAddress
SetFilePointer
GetLocalTime
VirtualQuery
SetLastError
GetTimeZoneInformation
HeapCreate
GetModuleHandleA
TlsGetValue
UnhandledExceptionFilter
RtlUnwind
GetCPInfo
GetFileType
VirtualFree
CloseHandle
LCMapStringA
GetStringTypeW
CreateDirectoryExA
OpenMutexA
CreateProcessW
VirtualProtect

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b57143e4fc770f6328e6130d0547d89

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

gdi32

kernel32

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 248KB - Virtual size: 244KB

.data Size: 112KB - Virtual size: 132KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 248KB - Virtual size: 244KB

.data
Size: 112KB - Virtual size: 132KB

.rsrc
Size: 32KB - Virtual size: 30KB