Static task: static1
Behavioral task: behavioral1
  Sample: 03c837713d2cc284603867defaabafe4834b05a550be0f0fa648d53c7df3df48.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 03c837713d2cc284603867defaabafe4834b05a550be0f0fa648d53c7df3df48.exe
  Resource: win10v2004-20240226-en
General
Target: 03c837713d2cc284603867defaabafe4834b05a550be0f0fa648d53c7df3df48
Size: 86KB
MD5: 0e70694c2e459dd7c9691d50d49f6d36
SHA1: 6410f90dc13e8fbd9293a24e5f9221f82104883f
SHA256: 03c837713d2cc284603867defaabafe4834b05a550be0f0fa648d53c7df3df48
SHA512: 0849383498a44eba4352382d1f5ecdf8aa47f5a3296f111d745b0680c548bcd71b077a7cc31215299edc8e03535d19770372f7fa1ccdbc549702b4fddeaae86c
SSDEEP: 1536:mtjnSsWE+neXQyaMqwNis4lgfEwzvvQgzLDfFNmz+RxtcToUrAGgobu5j:qWE+nGHNidlgMwz3QwL7/v0oA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 03c837713d2cc284603867defaabafe4834b05a550be0f0fa648d53c7df3df48
Files
03c837713d2cc284603867defaabafe4834b05a550be0f0fa648d53c7df3df48.exe windows:5 windows x86 arch:x86
7c3c561cbc24c8799a689e0c20081afd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
EnableMenuItem
GetMessageA
EqualRect
UnhookWindowsHookEx
SetWindowPos
FrameRect
SetWindowTextA
GetSysColor
EnumWindows
GetSysColorBrush
PostQuitMessage
GetSubMenu
GetScrollPos
kernel32
GetSystemTime
FileTimeToSystemTime
GetThreadLocale
GetStartupInfoA
GetOEMCP
SetUnhandledExceptionFilter
ExitProcess
GetACP
GetTempPathA
GetFileAttributesA
RtlUnwind
GetCurrentProcessId
QueryPerformanceCounter
VirtualAllocEx
GetTimeZoneInformation
InterlockedExchange
gdi32
CopyEnhMetaFileA
SetViewportExtEx
CreateICW
DPtoLP
FillRgn
GetMapMode
ExcludeClipRect
CreateCompatibleBitmap
SelectClipPath
ole32
CoInitializeSecurity
DoDragDrop
CoRevokeClassObject
CoTaskMemRealloc
StgOpenStorage
CoCreateInstance
OleRun
StringFromGUID2
CoInitialize
advapi32
FreeSid
GetSecurityDescriptorDacl
AdjustTokenPrivileges
CryptHashData
RegCreateKeyExW
QueryServiceStatus
CheckTokenMembership
RegQueryValueExW
RegCreateKeyA
GetUserNameA
msvcrt
_flsbuf
_fdopen
__initenv
fflush
signal
_lock
_mbscmp
strcspn
strlen
__getmainargs
raise
puts
iswspace
_CIpow
_strdup
fprintf
__setusermatherr
strncpy
comctl32
InitCommonControls
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_LoadImageA
ImageList_GetIconSize
ImageList_GetIcon
ImageList_Write
ImageList_DrawEx
CreatePropertySheetPageA
ImageList_Destroy
ImageList_GetBkColor
ImageList_LoadImageW
ImageList_DragEnter
shell32
DoEnvironmentSubstW
DragQueryFileW
ExtractIconExW
ShellExecuteEx
DragQueryFileA
DragAcceptFiles
ShellExecuteW
SHBrowseForFolderA
ExtractIconW
CommandLineToArgvW
SHGetPathFromIDList
oleaut32
SafeArrayRedim
SafeArrayUnaccessData
VariantCopy
SysReAllocStringLen
SafeArrayCreate
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE