03f892ffe15a7a263b18944d2f10033a7b2cc59fa2c2695c04902e4e52ca1074

Sharing

Copy URL Twitter E-mail

General

Target

03f892ffe15a7a263b18944d2f10033a7b2cc59fa2c2695c04902e4e52ca1074
Size

192KB
MD5

6c2e3fb3bb38ee60371fb6d9d0daaab3
SHA1

05861900f72ef350485af1c11172df083e3012b1
SHA256

03f892ffe15a7a263b18944d2f10033a7b2cc59fa2c2695c04902e4e52ca1074
SHA512

709b0519ffd2a67d22b1aa365155df362ae4aa79451097698ee5b415629b16032bf03b4991793d278988142a3b72e4aa77d80251dfe1a1214e86debc8c0f319c
SSDEEP

3072:6Z6yn7u1v176XaEcduTjdZJ18G0QKKUFplcAbo6PWlKMswIcNZgkui:6Zr7m7oHTJB8d2PKMsjj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03f892ffe15a7a263b18944d2f10033a7b2cc59fa2c2695c04902e4e52ca1074

Files

03f892ffe15a7a263b18944d2f10033a7b2cc59fa2c2695c04902e4e52ca1074
.exe windows:4 windows x86 arch:x86

e606d85c41bc6a09f733b69edfa52cad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerFindFileA
GetFileVersionInfoA
VerQueryValueA

ole32

CoReleaseMarshalData
ReleaseStgMedium
WriteClassStm
CLSIDFromString
CoGetMalloc
OleRegGetUserType
StgOpenStorage
CLSIDFromProgID
CoUninitialize
StgCreateDocfileOnILockBytes

gdi32

GetDIBits
GetRgnBox
SetPixel
CreateCompatibleDC

kernel32

GetFullPathNameA
LockResource
SetFilePointer
IsBadReadPtr
LocalReAlloc
MulDiv
GetCommandLineW
LoadLibraryA
EnumCalendarInfoA
GetThreadLocale
LoadLibraryExA
MoveFileExA
lstrcmpiA
VirtualQuery
GetStdHandle
CreateEventA
HeapFree
GetCurrentProcessId
ExitThread
SetEvent
FreeLibrary
GetStringTypeW
GetACP
GetLastError
InitializeCriticalSection
GetModuleHandleW
RaiseException
GetCurrentProcess
GetSystemDefaultLangID
GetLocalTime
FreeResource
HeapAlloc
GlobalFindAtomA
lstrlenA
Sleep
ExitProcess
LocalFree
WideCharToMultiByte
VirtualAllocEx
SetHandleCount
GetDateFormatA
SetEndOfFile
CreateFileA
DeleteFileA
GlobalAlloc
GetModuleHandleA
VirtualAlloc
SetLastError
MoveFileA
LoadResource
GetProcAddress
SetErrorMode

Sections

CODE
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e606d85c41bc6a09f733b69edfa52cad

Headers

File Characteristics

Imports

version

ole32

gdi32

kernel32

Sections

CODE Size: 96KB - Virtual size: 94KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 2KB

.bss Size: 4KB - Virtual size: 1KB

.gdata Size: 60KB - Virtual size: 59KB

.rsrc Size: 8KB - Virtual size: 7KB

CODE
Size: 96KB - Virtual size: 94KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 2KB

.bss
Size: 4KB - Virtual size: 1KB

.gdata
Size: 60KB - Virtual size: 59KB

.rsrc
Size: 8KB - Virtual size: 7KB