Static task: static1
Behavioral task: behavioral1
Sample: 02e7337fd5b4c2e01d7a019078da5f6212ff5a6a77ffb73d6f51517dc6861b69.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 02e7337fd5b4c2e01d7a019078da5f6212ff5a6a77ffb73d6f51517dc6861b69.exe
Resource: win10v2004-20240226-en
General
Target: 02e7337fd5b4c2e01d7a019078da5f6212ff5a6a77ffb73d6f51517dc6861b69
Size: 163KB
MD5: 977b59b36630c75fe978ac85c9906499
SHA1: 25ff9e1c9b4a3af69f918fa8925a3046a629e93c
SHA256: 02e7337fd5b4c2e01d7a019078da5f6212ff5a6a77ffb73d6f51517dc6861b69
SHA512: 00cfe102bc2f7c32907f6f37c55a602c17033e16a83301623668f2a2debe9542af4c79212a7d233f721c2a22a9692fb1ebed349fd1c171f3fe96eda69d90fc64
SSDEEP: 3072:jTlX8Vv+J5y/w3YgioSeJEPxI5w0lBTFhrLpict+FKgyvp8JN:3li4o3GTyxI5tR3picgYx8b
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 02e7337fd5b4c2e01d7a019078da5f6212ff5a6a77ffb73d6f51517dc6861b69
Files
02e7337fd5b4c2e01d7a019078da5f6212ff5a6a77ffb73d6f51517dc6861b69.exe windows:4 windows x86 arch:x86
0c16612e4fc64aaf1db44dc973520c4f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegQueryInfoKeyA
kernel32
MultiByteToWideChar
GetSystemTimeAsFileTime
RaiseException
SetStdHandle
SetHandleInformation
QueryPerformanceCounter
SetHandleCount
LeaveCriticalSection
RtlUnwind
GetVersionExA
LoadLibraryExA
IsBadWritePtr
TlsSetValue
GetEnvironmentStringsW
InterlockedExchange
InterlockedIncrement
VirtualAlloc
FreeLibrary
MulDiv
GetStartupInfoA
GetCurrentThreadId
LoadResource
TransmitCommChar
GetCPInfo
GetCurrentProcessId
lstrcpyA
IsDBCSLeadByte
EnterCriticalSection
lstrcatA
GetLocaleInfoA
GetOEMCP
DisableThreadLibraryCalls
VirtualFree
SetFilePointer
LoadLibraryA
HeapSize
InterlockedDecrement
HeapAlloc
lstrlenW
EnumResourceNamesW
TlsGetValue
SizeofResource
GetLastError
lstrlenA
GetSystemInfo
GetStdHandle
GetFileType
FlushFileBuffers
IsBadReadPtr
WideCharToMultiByte
IsBadCodePtr
TlsAlloc
WriteFile
GetThreadLocale
UnhandledExceptionFilter
TerminateProcess
GetTickCount
HeapCreate
VirtualQuery
HeapDestroy
LCMapStringW
GetCurrentProcess
ExitProcess
FreeEnvironmentStringsA
SetLastError
GetCommandLineA
LockResource
GetModuleHandleA
GetProcessHeap
DeleteCriticalSection
GetStringTypeA
lstrcmpiA
HeapReAlloc
GetStringTypeW
ExitProcess
InitializeCriticalSection
FlushInstructionCache
VirtualProtect
lstrcpynA
GetACP
GetProcAddress
TlsFree
GetEnvironmentStrings
FreeEnvironmentStringsW
CloseHandle
GetModuleFileNameA
SetUnhandledExceptionFilter
FindResourceA
LCMapStringA
HeapFree
user32
GetDC
MoveWindow
UnregisterClassA
IsDlgButtonChecked
EnableWindow
CheckDlgButton
IsDialogMessageA
SetWindowLongA
GetDialogBaseUnits
CreateDialogParamA
IsWindow
SendMessageA
ReleaseDC
ShowWindow
DestroyWindow
SetDlgItemTextA
GetDlgItemTextA
GetDlgItem
WinHelpA
CharNextA
gdi32
SelectObject
GetTextMetricsA
GetDeviceCaps
DeleteObject
GetTextExtentPointA
CreateFontIndirectA
msimg32
AlphaBlend
TransparentBlt
ole32
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
shlwapi
PathFindExtensionA
Sections
.text Size: 135KB - Virtual size: 135KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ