be8cdb2d1baacd834c42e37673dc5eb9

Sharing

Copy URL

Twitter E-mail

General

Target

be8cdb2d1baacd834c42e37673dc5eb9
Size

514KB
MD5

be8cdb2d1baacd834c42e37673dc5eb9
SHA1

3cd84ec99697a8cfd7962762deacff83492d43fa
SHA256

127546fe3f07bfde6d18f17e386168e5f7d5390b62685a761ff59f211abd08a6
SHA512

c0579ba3b6b8298bb788768cbac8d9eed9c30deb7c08bda5b243af1f3053ac0ebe0d816bd93cf26ad20cb819769a06cc3418140ffe7798f4107529590768c14b
SSDEEP

12288:wlaDzV6rA1XnuJCzyHYHHqYvSV0pagY2if:GczeA5++y4HHqYvS+pNni

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be8cdb2d1baacd834c42e37673dc5eb9

Files

be8cdb2d1baacd834c42e37673dc5eb9
.exe windows:4 windows x86 arch:x86

4d8020aa3fea4932388f8ba0354dfc4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CheckMenuItem
DragObject
RegisterClassA
GetUpdateRect
SetShellWindow
DdeCreateStringHandleW
RegisterClassExA
EnumPropsA
DestroyCursor
TranslateMessage

comctl32

InitCommonControlsEx

comdlg32

ChooseFontW
ChooseColorA
ChooseColorW
GetOpenFileNameW

kernel32

Sleep
GetDateFormatA
VirtualQuery
FindFirstFileExA
QueryPerformanceCounter
TlsSetValue
TlsFree
GetStringTypeA
GetProcAddress
GetCommandLineW
OpenMutexA
GetModuleHandleW
FreeEnvironmentStringsW
HeapDestroy
GetCurrentThread
GetTickCount
LoadLibraryA
GetStartupInfoW
GetLocaleInfoA
InterlockedExchange
CreateFileA
WriteConsoleW
IsValidCodePage
ReadFile
FreeLibrary
EnumSystemLocalesA
GetCurrentProcessId
CompareStringA
GetConsoleCP
GetStartupInfoA
WriteConsoleA
TlsGetValue
HeapReAlloc
RtlUnwind
GetTimeZoneInformation
LCMapStringW
TlsAlloc
SetLastError
GetOEMCP
SetConsoleCtrlHandler
SetEnvironmentVariableA
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetConsoleOutputCP
CompareStringW
GetTempFileNameW
SetStdHandle
GetStringTypeW
SetUnhandledExceptionFilter
GetCurrentProcess
CreateMutexA
GetEnvironmentStringsW
GetTimeFormatA
GetModuleHandleA
GetCPInfo
GetStdHandle
GetModuleFileNameA
ExitProcess
LockResource
InterlockedIncrement
GetACP
HeapAlloc
UnhandledExceptionFilter
GetFileType
VirtualFree
IsDebuggerPresent
WriteFile
GetCurrentThreadId
GetConsoleMode
FlushFileBuffers
HeapCreate
IsValidLocale
TerminateProcess
GetUserDefaultLCID
EnterCriticalSection
SetFilePointer
GetLocaleInfoW
InterlockedDecrement
WideCharToMultiByte
HeapFree
HeapSize
GetCommandLineA
GetLastError
LCMapStringA
CloseHandle
GetModuleFileNameW
MultiByteToWideChar
SetHandleCount
LeaveCriticalSection
DeleteCriticalSection

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d8020aa3fea4932388f8ba0354dfc4c

Headers

File Characteristics

Imports

user32

comctl32

comdlg32

kernel32

Sections

.text Size: 182KB - Virtual size: 181KB

.rdata Size: 9KB - Virtual size: 27KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 182KB - Virtual size: 181KB

.rdata
Size: 9KB - Virtual size: 27KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 7KB - Virtual size: 7KB