ae0d3133b7df07ebca5f9851ef906624

Sharing

Copy URL Twitter E-mail

General

Target

ae0d3133b7df07ebca5f9851ef906624
Size

281KB
MD5

ae0d3133b7df07ebca5f9851ef906624
SHA1

b6a99801c6a85d44a0ce87bac4eadb311ff1f6a2
SHA256

43bb994364123d2f0855592662fb4cd4dd2fb79e5a5bffcbfef659cf878252f6
SHA512

5de7d59369a17c2290bcb4a0b4f18963b6329b8605ef8cb733386b763d4769cdabd22d4a5a083896406b88a264a0ebd15a8b8584388c115a8a59aecbb9a81d88
SSDEEP

6144:dyQPjWAOE2tPBG0RVq0KdlCFhxMm+ET7MGfk39kj7:sWjWAj2tY0W00C7H+ET7Bfo67

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae0d3133b7df07ebca5f9851ef906624

Files

ae0d3133b7df07ebca5f9851ef906624
.exe windows:4 windows x86 arch:x86

79dc7547cc95536ae37134476e9d6167

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
GetUserDefaultLangID
TerminateThread
DeleteFileW
SizeofResource
InterlockedDecrement
VirtualFree
WritePrivateProfileStringW
GetCurrentThread
GetPrivateProfileStringW
FindFirstChangeNotificationW
lstrcpyW
ReadFile
GlobalDeleteAtom
ReadProcessMemory
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualProtect
WaitForSingleObject
SetCurrentDirectoryW
GetFileAttributesW
GetProcAddress
FindResourceExW
GlobalAddAtomW
CreateWaitableTimerW
DuplicateHandle
FindFirstFileW
LockResource
GetLocalTime
GlobalLock
SetLastError
CreateEventW
WriteFile
MoveFileW
GetFileAttributesExW
GetModuleFileNameW
GetVersion
SetThreadPriority
GetCurrentProcess
SetEvent
WaitForMultipleObjects
FreeLibrary
CreateProcessW

user32

PostMessageW
CreatePopupMenu
wsprintfW
LoadIconW
SetWindowTextW
SetForegroundWindow
UpdateWindow
GetParent
IsDlgButtonChecked
GetDlgItem
EndDialog
DialogBoxParamW
DefWindowProcW
GetSysColor
DrawTextW
SetLayeredWindowAttributes
AppendMenuW
SendDlgItemMessageW
VkKeyScanW
GetWindowTextW
GetCursorPos
PostThreadMessageW
DestroyMenu
ReleaseCapture
WindowFromPoint
OffsetRect
GetKeyState
RedrawWindow
TrackPopupMenu
LoadImageW
InvalidateRect

gdi32

CreateCompatibleBitmap
GetObjectW
CreateSolidBrush
CreateCompatibleDC
GetClipBox
LineTo
CreateICW
CreateBitmap
CreateRoundRectRgn
SetMapMode
DPtoLP
SetBkColor
GetDeviceCaps
Rectangle
BitBlt
CreatePen
SelectObject

advapi32

GetUserNameW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

shell32

SHChangeNotify

ole32

CoUninitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

79dc7547cc95536ae37134476e9d6167

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 252KB - Virtual size: 248KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 18KB

.text
Size: 252KB - Virtual size: 248KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 18KB