b43967bfb4e2f71e084f39e7e51b5435

Sharing

Copy URL

Twitter E-mail

General

Target

b43967bfb4e2f71e084f39e7e51b5435
Size

706KB
MD5

b43967bfb4e2f71e084f39e7e51b5435
SHA1

969bb11a4d48e3c123175e70aabdfec804517122
SHA256

a1f5ddda617148065c6ff5d431cb8730cd85ebeeb46e912f393e950e061974ca
SHA512

052d5ac9bf9b5031bb81a52cd75861c642cd557e97cab2da602088685631c9894e1215d90feaa41abb72b956cacb50cecfa930adb1c12fd3ac0dfae5224964f4
SSDEEP

12288:skmWkwx6ldI9U31vy1FA6S+XWfcWbkdMk6NHb/TkrKkQV:sd29U35yDnUbk69bLkek+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b43967bfb4e2f71e084f39e7e51b5435

Files

b43967bfb4e2f71e084f39e7e51b5435
.exe windows:4 windows x86 arch:x86

34f8230a0d4fd34f7b4f587b3e2652a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA

kernel32

CloseHandle
InterlockedIncrement
RaiseException
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleA
GetProcessHeap
SetFilePointer
SetStdHandle
HeapFree
VirtualQuery
GetCurrentThread
OpenMutexA
ExitProcess
TlsFree
CompareStringW
InterlockedExchange
HeapDestroy
LoadLibraryA
FreeLibrary
GetACP
InitializeCriticalSection
CompareStringA
TlsSetValue
GetEnvironmentStrings
HeapAlloc
TlsGetValue
SetConsoleCtrlHandler
RtlUnwind
IsBadReadPtr
GetVersionExA
GetStdHandle
GetCurrentProcessId
HeapReAlloc
TerminateProcess
OutputDebugStringW
IsDebuggerPresent
GetConsoleOutputCP
MultiByteToWideChar
SetLastError
CreateFileA
EnterCriticalSection
GetDateFormatA
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCommandLineW
IsValidCodePage
HeapCreate
TlsAlloc
GetConsoleMode
IsValidLocale
WriteConsoleW
GetTickCount
GetModuleHandleA
VirtualAlloc
GetFileType
GetProfileIntW
GetConsoleCP
OutputDebugStringA
GetCurrentProcess
CreateMutexA
GetStartupInfoA
GetTimeZoneInformation
WriteFile
WideCharToMultiByte
GetStartupInfoW
GetProcAddress
GetTimeFormatA
SetHandleCount
EnumSystemLocalesA
DebugBreak
lstrlenA
GetLocaleInfoW
InterlockedDecrement
GetStringTypeW
QueryPerformanceCounter
GetCPInfo
LCMapStringA
GetOEMCP
GetModuleFileNameA
GetLastError
GetCommandLineA
GetUserDefaultLCID
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
VirtualFree
DeleteCriticalSection
GetLocaleInfoA
GetModuleFileNameW
LoadLibraryW
HeapValidate
LCMapStringW
GetStringTypeA
GetCurrentThreadId
FlushFileBuffers
SetEnvironmentVariableA
UnhandledExceptionFilter
ReadFile

advapi32

AbortSystemShutdownW
RegNotifyChangeKeyValue
RegQueryValueExA
CryptGetProvParam
CryptEnumProviderTypesA
CryptEnumProvidersW
RegDeleteKeyW
LookupAccountSidA
RegOpenKeyW
DuplicateToken
LookupAccountSidW
LookupSecurityDescriptorPartsA
CryptExportKey
RegQueryMultipleValuesW
CryptSetProvParam
CryptGetDefaultProviderW
CryptSetHashParam
LookupPrivilegeDisplayNameW
CryptSignHashA
CryptSetProviderA
LookupSecurityDescriptorPartsW
CryptAcquireContextA

user32

RegisterClassA
GetKeyboardState
RegisterClassExA

comctl32

InitCommonControlsEx

shell32

DragQueryFileAorW

Sections

.text
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34f8230a0d4fd34f7b4f587b3e2652a6

Headers

File Characteristics

Imports

comdlg32

kernel32

advapi32

user32

comctl32

shell32

Sections

.text Size: 334KB - Virtual size: 334KB

.rdata Size: 46KB - Virtual size: 55KB

.data Size: 318KB - Virtual size: 318KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 334KB - Virtual size: 334KB

.rdata
Size: 46KB - Virtual size: 55KB

.data
Size: 318KB - Virtual size: 318KB

.rsrc
Size: 6KB - Virtual size: 5KB