a37836a79eab8b94278e23391aba39a2

Sharing

Copy URL Twitter E-mail

General

Target

a37836a79eab8b94278e23391aba39a2
Size

317KB
MD5

a37836a79eab8b94278e23391aba39a2
SHA1

205017ed011bcaf64980086be4059f58cbc80856
SHA256

526a88e85cb9a35c3250ef9e735a213a3d6eca35187c1d7d13562eba0e8d638d
SHA512

f95068d95cb2dc2af2d687c5fdb1f6493d7929abb66c7a850f9a5441d56b92ac15a835e9f794e8b1bc15afe23eac414f5f19e53e321f1a24a6cb9763d5cf6f30
SSDEEP

6144:hl9c3QC9vfLanVLJfTQMLzRN6R5jkEXHFUXekB:hb6QCtfWnVtUMXK5IEXHF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a37836a79eab8b94278e23391aba39a2

Files

a37836a79eab8b94278e23391aba39a2
.exe windows:4 windows x86 arch:x86

50db43cc0d61901bda9b494839457b98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetPathFromIDList
ExtractAssociatedIconA

user32

DrawStateW
MessageBoxW
DlgDirListComboBoxA
PostQuitMessage
SetMessageExtraInfo
UnhookWindowsHook
ValidateRgn
DdeDisconnect
CreatePopupMenu
PackDDElParam
SwapMouseButton
CallWindowProcW
EnumDesktopsW
MonitorFromPoint
DestroyWindow
SendNotifyMessageW
WindowFromPoint
SendMessageW
MenuItemFromPoint
GetClassWord
EnableWindow
CreateDesktopA
NotifyWinEvent
IsRectEmpty
RegisterClassExA
EmptyClipboard
GetSubMenu
GetComboBoxInfo
DdeClientTransaction
ExcludeUpdateRgn
DdeUnaccessData
MessageBoxA
SetProcessWindowStation
CreateWindowExW
LoadBitmapW
OpenInputDesktop
CharUpperA
UnpackDDElParam
SetDoubleClickTime
GetKeyboardType
EndPaint
EnumPropsW
MapWindowPoints
SetUserObjectSecurity
SetWindowsHookExA
ChangeMenuA
CheckMenuRadioItem
SetDlgItemTextA
RemoveMenu
CreateWindowStationW
GetInputDesktop
GetCursorPos
OemKeyScan
GetAltTabInfo
WindowFromDC
MonitorFromWindow
ReleaseCapture
VkKeyScanExA
OffsetRect
LoadKeyboardLayoutA
GetKBCodePage
SetDebugErrorLevel
GetMenuStringA
SendDlgItemMessageW
GetWindowTextLengthW
LoadCursorW
DefWindowProcA
FlashWindow
CloseClipboard
GetKeyState
GetAncestor
EqualRect
BroadcastSystemMessageW
SwitchDesktop
GetMessageExtraInfo
RegisterClassA
WINNLSGetIMEHotkey
GetMessageTime
CopyRect
DlgDirSelectExW
DrawTextExW
GetWindowRect
DrawFocusRect
SetWindowTextA
GetWindowContextHelpId
GetMenuContextHelpId
DestroyMenu
GetAsyncKeyState
GetKeyboardLayoutList
GrayStringW
GetMenuItemInfoA
wvsprintfW
SetMenu
DefDlgProcA
LoadMenuA
ShowWindow
DdeInitializeA
CascadeWindows
DdeGetLastError
GetIconInfo
OpenIcon

comctl32

ImageList_SetOverlayImage
CreatePropertySheetPage
ImageList_Replace
ImageList_GetBkColor
ImageList_AddIcon
DrawStatusTextW
ImageList_Destroy
ImageList_DrawEx
CreateToolbarEx
CreatePropertySheetPageW
ImageList_LoadImageW
ImageList_LoadImageA
CreateStatusWindowA
DrawStatusText
ImageList_Add
ImageList_Read
InitCommonControlsEx

kernel32

LoadLibraryA
SetCurrentDirectoryW
MultiByteToWideChar
GetConsoleOutputCP
DeleteCriticalSection
GetCPInfo
GetEnvironmentStringsW
LCMapStringW
FreeLibrary
HeapSize
CompareFileTime
SetLastError
CloseHandle
SetConsoleCtrlHandler
GetProcAddress
InterlockedIncrement
GetLastError
EnterCriticalSection
HeapReAlloc
InterlockedDecrement
WriteConsoleA
SetHandleCount
GetCurrencyFormatA
GetACP
CreateFileA
IsValidLocale
WriteConsoleW
HeapDestroy
GetFileType
InterlockedExchange
TlsFree
FlushFileBuffers
GetCurrentThread
GetCurrentProcess
GetModuleFileNameW
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
CreateMutexA
OpenMutexA
GetLocaleInfoW
RtlUnwind
Sleep
GetCurrentThreadId
IsDebuggerPresent
GetModuleHandleW
IsValidCodePage
WriteFile
GetTickCount
GetProfileIntA
HeapAlloc
LeaveCriticalSection
GetStringTypeA
GetModuleFileNameA
GetDateFormatA
TlsSetValue
HeapFree
FreeEnvironmentStringsW
CompareStringA
GetCurrentProcessId
HeapCreate
IsBadWritePtr
QueryPerformanceCounter
WideCharToMultiByte
CompareStringW
EnumSystemLocalesA
VirtualQuery
ReadConsoleOutputCharacterA
VirtualAlloc
TerminateProcess
VirtualFree
GetUserDefaultLCID
GetLocaleInfoA
SetEnvironmentVariableA
GetStdHandle
SetUnhandledExceptionFilter
GetStartupInfoA
GetStringTypeW
GetOEMCP
GetTimeFormatA
GetModuleHandleA
GetTimeZoneInformation
ReadFile
LoadLibraryExW
GlobalFindAtomA
InitializeCriticalSectionAndSpinCount
ExitProcess
LCMapStringA
TlsAlloc
GetCommandLineW
TlsGetValue
GetCommandLineA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetStartupInfoW
CreatePipe

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50db43cc0d61901bda9b494839457b98

Headers

File Characteristics

Imports

shell32

user32

comctl32

kernel32

Sections

.text Size: 133KB - Virtual size: 133KB

.rdata Size: 76KB - Virtual size: 76KB

.data Size: 91KB - Virtual size: 104KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 133KB - Virtual size: 133KB

.rdata
Size: 76KB - Virtual size: 76KB

.data
Size: 91KB - Virtual size: 104KB

.rsrc
Size: 15KB - Virtual size: 15KB