b64ac976fbba234f9f47371c4594f36b

Sharing

Copy URL Twitter E-mail

General

Target

b64ac976fbba234f9f47371c4594f36b
Size

218KB
MD5

b64ac976fbba234f9f47371c4594f36b
SHA1

75860658914da6703b570c539913b505bfdd3a0c
SHA256

ec50efb6b320336f0e9577e42cd1708cc5ebd37e75ccdccd157812ef6a776c09
SHA512

3a2aed3a562abb11d0cb23052d1d53e5175a38da9e51007abebd57b858f58a52e00d64bba0f13b10fd73e79cca512c33308c4f5c9435e8f7e8365c94d55646e8
SSDEEP

3072:rfLXz74krAzS8KfmzOqgSViakEpeMyyxpJxizXg3lZjbIY2E4to7GOYuJi1713RL:rfRrs75O8iaqc7jF2vqY6i10dGt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b64ac976fbba234f9f47371c4594f36b

Files

b64ac976fbba234f9f47371c4594f36b
.exe windows:4 windows x86 arch:x86

7ac84b4b3260f229487eda282b26eb6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shlwapi

SHStrDupA
PathIsDirectoryA
SHEnumValueA
PathGetCharTypeA
PathFileExistsA
SHGetValueA
PathIsContentTypeA
SHQueryValueExA
SHDeleteKeyA
SHQueryInfoKeyA

kernel32

GetCommandLineA
VirtualAlloc
lstrlenW
LoadLibraryExA
GetVersionExA
ExitThread
IsBadHugeReadPtr
GetModuleHandleA
GetProcAddress
GetCommandLineW
GetACP
ExitProcess
GetLastError

comctl32

ImageList_Create
ImageList_Draw
ImageList_DrawEx
ImageList_Add
ImageList_DragShowNolock
ImageList_Remove
ImageList_Read

user32

EmptyClipboard
GetKeyboardType
SetPropA
IsRectEmpty
PeekMessageW
MapVirtualKeyA
SetMenu
SetWindowPlacement
SetScrollPos
WaitMessage
LoadCursorA
LoadKeyboardLayoutA
CharNextA
SetClipboardData
DestroyCursor
SetWindowLongW
FindWindowA
GetWindowLongA
GetKeyboardLayout
ActivateKeyboardLayout
GetMenuItemCount
ShowWindow
GetDC
CreateWindowExA
SetTimer
SetScrollRange
GetSubMenu
SetWindowTextA
GetFocus
GetMenuStringA
MsgWaitForMultipleObjects
SetMenuItemInfoA
CharUpperBuffA
RemovePropA
wsprintfA
GetIconInfo
GetMessagePos
DestroyIcon
ReleaseCapture
MessageBoxA
GetClassNameA
UpdateWindow
ScrollWindow
RegisterClipboardFormatA
SendMessageW
CharToOemA
MapWindowPoints
GetDCEx
CloseClipboard
DestroyWindow
GetMenuItemID
DispatchMessageA
DrawIcon
GetForegroundWindow
PtInRect
SendMessageA
DeleteMenu
IsIconic
DrawTextA
SetWindowLongA
WindowFromPoint
GetWindowLongW
ShowOwnedPopups
GetWindowPlacement
SetCursor
GetWindowRect
GetCapture
CheckMenuItem
TranslateMessage
SetCapture
EnumChildWindows
UnhookWindowsHookEx
DrawAnimatedRects
IsWindowVisible
DrawFrameControl
GetKeyNameTextA
CreateIcon
ReleaseDC
GetActiveWindow
EndPaint
InflateRect
DispatchMessageW
ShowScrollBar

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES0
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES8
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES5
Size: 1024B - Virtual size: 647B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES9
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES3
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ac84b4b3260f229487eda282b26eb6d

Headers

File Characteristics

Imports

shlwapi

kernel32

comctl32

user32

Sections

.text Size: 60KB - Virtual size: 60KB

.data Size: 142KB - Virtual size: 142KB

RES0 Size: 1KB - Virtual size: 1KB

RES6 Size: 4KB - Virtual size: 3KB

RES2 Size: 1KB - Virtual size: 1KB

RES8 Size: 1KB - Virtual size: 1KB

RES5 Size: 1024B - Virtual size: 647B

RES9 Size: 1KB - Virtual size: 1KB

RES3 Size: 512B - Virtual size: 424B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 60KB

.data
Size: 142KB - Virtual size: 142KB

RES0
Size: 1KB - Virtual size: 1KB

RES6
Size: 4KB - Virtual size: 3KB

RES2
Size: 1KB - Virtual size: 1KB

RES8
Size: 1KB - Virtual size: 1KB

RES5
Size: 1024B - Virtual size: 647B

RES9
Size: 1KB - Virtual size: 1KB

RES3
Size: 512B - Virtual size: 424B

.rsrc
Size: 2KB - Virtual size: 2KB