ac338532c6b34d774600403941b97f16

Sharing

Copy URL Twitter E-mail

General

Target

ac338532c6b34d774600403941b97f16
Size

404KB
MD5

ac338532c6b34d774600403941b97f16
SHA1

2f5e2e4eaa6b649f3763b2b0d95d01c9f7067e2b
SHA256

ec68269df746082bc1eb0647bcdbc49764cd3cad30afa2a57df48f43b4ad30b5
SHA512

0d3cdf43af64018f60b5f23c4fab0e71af3191a2e8ec52d35ed97c044256ae817fa66e066933bb1f818cb8d146b36358e82cb53dadb04e42e6a96b1e4badfdf6
SSDEEP

6144:eqwNYm25/Er9cSadQdLRiK+DN3dqEPHFz3m91vyZFMXaxe7I1u4yRSW:eOm43dzPDN3x891gQIC+u4yc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac338532c6b34d774600403941b97f16

Files

ac338532c6b34d774600403941b97f16
.exe windows:4 windows x86 arch:x86

e96b7f63216fcde82e8d0e1db71e48cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
IsValidCodePage
DeleteCriticalSection
EnumSystemLocalesA
HeapDestroy
GetCPInfo
HeapAlloc
LoadLibraryA
GetEnvironmentStrings
TlsSetValue
FreeEnvironmentStringsA
CompareStringA
GetACP
GetLocaleInfoW
InterlockedExchange
TlsAlloc
GetLastError
InterlockedDecrement
InterlockedIncrement
FreeEnvironmentStringsW
GetStringTypeW
GetStdHandle
IsDebuggerPresent
GetStringTypeA
WriteFile
LCMapStringW
GetVersionExA
InitializeCriticalSection
GetProcAddress
GetCurrentThread
HeapSize
HeapFree
EnterCriticalSection
GetStartupInfoA
SetEnvironmentVariableA
LeaveCriticalSection
VirtualQuery
TlsGetValue
MultiByteToWideChar
VirtualFree
GetLocaleInfoA
SetConsoleCtrlHandler
GetDateFormatA
HeapCreate
HeapReAlloc
TlsFree
ExitProcess
GetCommandLineA
FreeLibrary
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleHandleA
GetTimeZoneInformation
SetHandleCount
SetLastError
GetCurrentThreadId
WideCharToMultiByte
IsValidLocale
GetProcessHeap
GetUserDefaultLCID
GetCurrentProcessId
GetModuleFileNameA
Sleep
GetOEMCP
CompareStringW
GetTickCount
LCMapStringA
GetEnvironmentStringsW
GetTimeFormatA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
RtlUnwind

advapi32

CryptSetProviderExW

shell32

SHAddToRecentDocs
SHGetSettings
DoEnvironmentSubstW
DragQueryFileAorW
RealShellExecuteExA
ShellExecuteExW
SHGetPathFromIDListW
SHGetFileInfoW
SheChangeDirA
SHGetPathFromIDList
ExtractIconW
ShellAboutW
SHGetDataFromIDListA
SHFileOperationW
DragQueryFileA
InternalExtractIconListA

comdlg32

GetOpenFileNameW
ChooseColorW
LoadAlterBitmap
ChooseColorA
ReplaceTextA
PageSetupDlgA
PrintDlgA
GetFileTitleW
ChooseFontA
ChooseFontW
PrintDlgW
PageSetupDlgW
GetSaveFileNameA
FindTextW
FindTextA
GetOpenFileNameA
ReplaceTextW
GetSaveFileNameW

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e96b7f63216fcde82e8d0e1db71e48cf

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

comdlg32

Sections

.text Size: 121KB - Virtual size: 120KB

.data Size: 278KB - Virtual size: 289KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 121KB - Virtual size: 120KB

.data
Size: 278KB - Virtual size: 289KB

.rsrc
Size: 4KB - Virtual size: 4KB