b870391689c7c82d2827851c96b3c587

Sharing

Copy URL Twitter E-mail

General

Target

b870391689c7c82d2827851c96b3c587
Size

140KB
MD5

b870391689c7c82d2827851c96b3c587
SHA1

6900c2f74b16e8db51a01861f9c6cfd10896ab23
SHA256

68e993ceb79419849ef8cc598dbe7b3a9fd489b25a6042a33986bffde3e251ff
SHA512

d7e41f3a616df18902907d5d7b8e9c4fe553a54b69709531da871103cf5066580aa8e6df7c6c82bc37e82d8e5d4eef1dc25da2f0e9b7c3c3b45c6d7430e74f11
SSDEEP

3072:AMnCaFhCD/9axwexKPopFy/H+9oNKd2APS4qu4t8a+BomCx1EyIFwlyj:rCaXaq4QryP+2KdfNqu49+WmCwyi7j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b870391689c7c82d2827851c96b3c587

Files

b870391689c7c82d2827851c96b3c587
.exe windows:5 windows x86 arch:x86

80b4fb95ddc4a71d806fa63cbe4e09bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\lEouTrRnirzd\CzRGekdehM\IPsqILdRlaV\zyhJjwsgd.pdb

Imports

comdlg32

FindTextW
ReplaceTextW

user32

ShowWindow
DrawAnimatedRects
SetMenuItemInfoW
MapDialogRect
GetMenuItemCount
GetScrollPos
SetRectEmpty
GetKeyState
MonitorFromPoint
DestroyMenu
SetDlgItemInt
ShowWindowAsync
IsWindow
DrawTextA
DrawStateW
IsCharAlphaA
VkKeyScanA
IsRectEmpty
BeginDeferWindowPos
InSendMessage
SetMenuItemBitmaps
DrawFocusRect
DestroyCaret
CharLowerA
WindowFromPoint
CharToOemBuffA
CharToOemW
VkKeyScanW

comctl32

ImageList_GetIconSize
ImageList_Create
PropertySheetW
ImageList_Write

shlwapi

ord29
StrTrimA
StrRChrA

gdi32

LineDDA
CreateDIBSection
SetPaletteEntries
CreateICW
SetWindowOrgEx
GetPaletteEntries
BeginPath
StretchDIBits
GetTextExtentPointW
GetDeviceCaps
GetWindowOrgEx
GetTextCharsetInfo

kernel32

GetProcessHeap
GlobalLock
DeleteFileW
VerSetConditionMask
ConnectNamedPipe
HeapAlloc
GetFullPathNameW
FlushViewOfFile
SetLastError
GlobalCompact
LocalAlloc
VirtualQuery
GlobalHandle
GetModuleHandleA
GetCommState
GetModuleFileNameA
GetTickCount
GetModuleFileNameW

msvcrt

exit

Exports

Exports

?QG_uJ_PJ____jJY_i_a_@@PTPAKPAF_N@Z

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.$debug
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data2
Size: 1024B - Virtual size: 523B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80b4fb95ddc4a71d806fa63cbe4e09bd

Headers

File Characteristics

PDB Paths

Imports

comdlg32

user32

comctl32

shlwapi

gdi32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 129KB - Virtual size: 129KB

.edata Size: 512B - Virtual size: 185B

.idata Size: 2KB - Virtual size: 1KB

.$debug Size: 512B - Virtual size: 105B

.data1 Size: 512B - Virtual size: 116B

.data2 Size: 1024B - Virtual size: 523B

.data3 Size: 512B - Virtual size: 408B

.data4 Size: 512B - Virtual size: 512B

.data Size: 2KB - Virtual size: 91KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 129KB - Virtual size: 129KB

.edata
Size: 512B - Virtual size: 185B

.idata
Size: 2KB - Virtual size: 1KB

.$debug
Size: 512B - Virtual size: 105B

.data1
Size: 512B - Virtual size: 116B

.data2
Size: 1024B - Virtual size: 523B

.data3
Size: 512B - Virtual size: 408B

.data4
Size: 512B - Virtual size: 512B

.data
Size: 2KB - Virtual size: 91KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB