a39c8b2cebb3d29fff3b1018cb9ed4f5

Sharing

Copy URL

Twitter E-mail

General

Target

a39c8b2cebb3d29fff3b1018cb9ed4f5
Size

116KB
MD5

a39c8b2cebb3d29fff3b1018cb9ed4f5
SHA1

3d422d4de25d05c468034294259d0e8e99eab3e6
SHA256

78f957c5b750fad7ca6c40897995178c19a90d8ffddda4ce162d5934a8242124
SHA512

878ff169eb3fb50f0bff57e306aa27cca19c3df529560d4048a66972e9366c938994cb82c31ee4b78db0af68a071ec0614a456be07bce7982070558c7919d088
SSDEEP

3072:oqgH6quJBS8691MG36wz7he3D7wApf+5KMcP9:oquvua86393pz9e3DiTg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a39c8b2cebb3d29fff3b1018cb9ed4f5

Files

a39c8b2cebb3d29fff3b1018cb9ed4f5
.exe windows:4 windows x86 arch:x86

df54f8b88271602b45baf54e9a2f3358

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
lstrlenA
GetCPInfo
GlobalUnlock
FreeEnvironmentStringsW
GetStartupInfoA
GetEnvironmentStrings
GetModuleHandleA
GetLastError

user32

RegisterWindowMessageA
RemovePropA
SetWindowPlacement
LoadCursorA
LoadBitmapA
UpdateWindow

msvcrt

log10
_XcptFilter
sprintf
memcpy
_adjust_fdiv
_isctype
strtok
__p__fmode
strcmp
_acmdln
_except_handler3
__setusermatherr
__p__commode
_snprintf
exit
__getmainargs
__set_app_type
rename
_initterm
strncmp
atof

comctl32

ImageList_SetImageCount
ImageList_SetBkColor
InitializeFlatSB
ImageList_Remove
ImageList_SetDragCursorImage
InitCommonControlsEx
PropertySheetA
ImageList_Create

version

GetFileVersionInfoSizeW
VerQueryValueW
VerLanguageNameA
VerFindFileW
VerQueryValueA
GetFileVersionInfoW

oleaut32

SafeArrayGetUBound
CreateErrorInfo
VariantInit
SysStringByteLen
SetErrorInfo
SafeArrayCreate
SysReAllocStringLen
SysStringLen
SafeArrayUnaccessData

ole32

OleFlushClipboard
CoLoadLibrary
CoGetClassObject
ReleaseStgMedium
IsEqualGUID
ProgIDFromCLSID
CreateStreamOnHGlobal
StringFromCLSID
CoDisconnectObject
CLSIDFromString
CoCreateGuid
PropVariantClear

shell32

SHCreateDirectoryExW
ShellExecuteExA
CommandLineToArgvW
SHCreateDirectoryExA
SHGetPathFromIDList
ShellExecuteExW
SHGetFolderLocation
ExtractIconExA
SHGetSpecialFolderLocation
SHChangeNotify
FindExecutableW

advapi32

OpenProcessToken
OpenSCManagerW
ControlService
RegCreateKeyExA
LookupPrivilegeValueA
RegCreateKeyExW

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df54f8b88271602b45baf54e9a2f3358

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

comctl32

version

oleaut32

ole32

shell32

advapi32

Sections

.text Size: 75KB - Virtual size: 74KB

.data Size: 15KB - Virtual size: 14KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 75KB - Virtual size: 74KB

.data
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 25KB - Virtual size: 24KB