b97cb12f641b27ed466732d6eae5120b

Sharing

Copy URL Twitter E-mail

General

Target

b97cb12f641b27ed466732d6eae5120b
Size

622KB
MD5

b97cb12f641b27ed466732d6eae5120b
SHA1

051c0b6b6173c3fe424f5c8944d6b0216d77fd99
SHA256

86270d1df439552dcb6090f9f4c29ec08deeff7b832c6b9bbb9ef88c8df52f3a
SHA512

8a287e4e421be0f3522b80bfad55146d7e823cd536c3b3d1b6ca37e8122995e5667aa14afac81051f3f19cd233bb57f7e01a4f8969c16b475daf3ab2b43cbffa
SSDEEP

12288:uUMsWUfXwENX59xIorvhdNuyQ0ZZ97DGAvCHaVRVgQU2:JmUfgENp9imvhdNuyQGZVGA6H8TgP2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b97cb12f641b27ed466732d6eae5120b

Files

b97cb12f641b27ed466732d6eae5120b
.exe windows:4 windows x86 arch:x86

92cca374e37584497b669a73aaeeefb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
RegisterClassExA
CreateWindowExA
DrawEdge
SetClassLongA
IsZoomed
SetSysColors
LoadMenuA
SetProcessDefaultLayout
GetWindowModuleFileNameW
CharPrevW
BroadcastSystemMessage
MessageBoxW
GetMenuItemInfoW
RegisterClassA
UnregisterClassW
MoveWindow
InsertMenuA
SetScrollPos
GetNextDlgTabItem

comctl32

ImageList_GetImageRect
InitCommonControlsEx
ImageList_Replace
ImageList_Copy
ImageList_SetIconSize
ImageList_SetFlags
ImageList_AddIcon
ImageList_Add
ImageList_LoadImage
CreateToolbarEx

comdlg32

GetSaveFileNameA
PageSetupDlgW

kernel32

VirtualFree
FreeEnvironmentStringsA
ExitProcess
WriteFileEx
GetSystemInfo
RtlUnwind
FlushFileBuffers
OpenMutexA
WriteConsoleInputA
SetFileAttributesW
TerminateProcess
CompareStringW
MultiByteToWideChar
CreateMutexA
GetCPInfo
TlsGetValue
EnumDateFormatsA
LCMapStringA
FreeEnvironmentStringsW
GetOEMCP
GetStartupInfoA
HeapFree
GetFileType
EnumSystemLocalesA
SetLastError
LocalLock
TlsSetValue
WriteFile
GetModuleHandleA
GetTickCount
GetShortPathNameW
GetDateFormatA
GetCurrentProcessId
GetProcAddress
GetLocaleInfoW
GetEnvironmentStrings
GetTimeFormatA
GetStringTypeW
HeapCreate
GetACP
LCMapStringW
DeleteCriticalSection
CompareStringA
GetDiskFreeSpaceW
CreateMailslotA
InitializeCriticalSection
SetHandleCount
LoadLibraryA
GetCurrentThreadId
IsBadWritePtr
GetSystemTimeAsFileTime
GetCurrentProcess
GetUserDefaultLCID
EnumResourceLanguagesA
IsValidCodePage
CloseHandle
InterlockedExchange
GetTimeZoneInformation
lstrcpy
TlsFree
CreateWaitableTimerA
GetModuleFileNameA
VirtualProtect
SetStdHandle
GetCommandLineA
QueryPerformanceCounter
HeapAlloc
HeapSize
TlsAlloc
LeaveCriticalSection
GetStringTypeA
ReadFile
EnterCriticalSection
GetStdHandle
GetLocaleInfoA
GetLastError
GetCurrentThread
SetEnvironmentVariableA
IsValidLocale
UnhandledExceptionFilter
GetEnvironmentStringsW
HeapDestroy
SetFilePointer
VirtualAlloc
CreatePipe
GetVersionExA
VirtualQuery
WideCharToMultiByte
HeapReAlloc

Sections

.text
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92cca374e37584497b669a73aaeeefb9

Headers

File Characteristics

Imports

user32

comctl32

comdlg32

kernel32

Sections

.text Size: 443KB - Virtual size: 442KB

.rdata Size: 43KB - Virtual size: 64KB

.data Size: 118KB - Virtual size: 118KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 443KB - Virtual size: 442KB

.rdata
Size: 43KB - Virtual size: 64KB

.data
Size: 118KB - Virtual size: 118KB

.rsrc
Size: 16KB - Virtual size: 16KB