c167f6b4c28f88b94e73046bbf228f2b

Sharing

Copy URL Twitter E-mail

General

Target

c167f6b4c28f88b94e73046bbf228f2b
Size

269KB
MD5

c167f6b4c28f88b94e73046bbf228f2b
SHA1

72dad45eb3e4dc37fa0a2aa787cd331b4567c8b4
SHA256

a70ad20a2f296a73f2619a36855cf657e1e6d81e1383e87d585b995db8f5ff5e
SHA512

9eb8763a95377fcd104aaba9712064e3322223aeb50516491a6a80638d90092e816eef7fed05986e8530bf0280ef6b79ce17c209568219466696e1d2825b8559
SSDEEP

6144:P5QQ7MEA5wQXOT4BSqdaZT+okW8YfehveKQRJ:QEWwv/Ru80eKo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c167f6b4c28f88b94e73046bbf228f2b

Files

c167f6b4c28f88b94e73046bbf228f2b
.exe windows:4 windows x86 arch:x86

0c40224fc26bfeb55b2a88c0ebc7fe83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
lstrcat
InterlockedDecrement
FreeLibraryAndExitThread
RtlUnwind
GetModuleHandleW
SetFileAttributesA
GetCurrentProcess
GetEnvironmentStrings
VirtualAlloc
IsValidCodePage
HeapSize
HeapReAlloc
GetACP
LocalLock
FreeLibrary
CopyFileExA
IsDebuggerPresent
GetModuleFileNameA
CompareStringW
GetLocaleInfoW
ExitProcess
EnumSystemLocalesA
GetLocaleInfoA
WriteFile
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetEnvironmentStringsW
AddAtomA
GetTimeFormatA
QueryPerformanceCounter
Sleep
MultiByteToWideChar
GetCommandLineA
LCMapStringW
SetLastError
VirtualFreeEx
HeapAlloc
GetCurrentThread
HeapFree
SetCurrentDirectoryA
VirtualFree
GetCurrentProcessId
GlobalAlloc
GetOEMCP
WideCharToMultiByte
SetEnvironmentVariableA
GetStringTypeW
ReadConsoleOutputCharacterA
FreeEnvironmentStringsA
GetStartupInfoA
CompareStringA
TlsGetValue
SetConsoleCtrlHandler
HeapDestroy
GetLastError
UnhandledExceptionFilter
TlsSetValue
TlsFree
GetShortPathNameW
LeaveCriticalSection
LCMapStringA
CreateDirectoryW
GetSystemDefaultLangID
lstrcmpA
GetStringTypeA
GetProcAddress
FreeEnvironmentStringsW
GetCPInfo
SetEndOfFile
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetTimeZoneInformation
TlsAlloc
GetDateFormatA
VirtualQuery
SetUnhandledExceptionFilter
SetHandleCount
CreateWaitableTimerW
InterlockedIncrement
GetCurrentThreadId
GetUserDefaultLCID
TransmitCommChar
TerminateProcess
EnterCriticalSection
HeapCreate
CopyFileA
GetModuleHandleA
IsValidLocale
GetFileType
GetStdHandle

shell32

SHGetInstanceExplorer
ExtractAssociatedIconExW
RealShellExecuteExW
DoEnvironmentSubstW
CheckEscapesW
SheSetCurDrive
ExtractAssociatedIconW
SHLoadInProc
FindExecutableA
SHGetSettings
SHFreeNameMappings
SHBrowseForFolderW
DragQueryPoint
ShellExecuteEx
FindExecutableW
InternalExtractIconListW
RealShellExecuteW
SheChangeDirExW
SHGetFileInfo
ShellExecuteA
InternalExtractIconListA
DragQueryFileAorW

gdi32

GetCharacterPlacementA
Chord
ArcTo
EnumFontsW

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c40224fc26bfeb55b2a88c0ebc7fe83

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

Sections

.text Size: 122KB - Virtual size: 122KB

.data Size: 139KB - Virtual size: 145KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 122KB - Virtual size: 122KB

.data
Size: 139KB - Virtual size: 145KB

.rsrc
Size: 7KB - Virtual size: 6KB