c38ea983a6d4f8398c0c2a05e98e0791

Sharing

Copy URL Twitter E-mail

General

Target

c38ea983a6d4f8398c0c2a05e98e0791
Size

427KB
MD5

c38ea983a6d4f8398c0c2a05e98e0791
SHA1

acf518b78cfa2e851854c6e070365b839e4f7699
SHA256

bc684c23f48f325a736f0f1395915c272bba44cb86e7b3cb0ad21d39cef034e0
SHA512

e8f6b8859638cb13f0277288d17c0e54722f7bda50d6d0b3a661c4c1eca84d32e20bd56839276e3939e59270be7c6b0be9291a4b357775daf570fd4986980c25
SSDEEP

12288:Z/5Pdp/YY5J6MRRApJ2HGHbomIEV9Hq7ll8oqv4r5to:lx+XI89HKl+oqOto

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c38ea983a6d4f8398c0c2a05e98e0791

Files

c38ea983a6d4f8398c0c2a05e98e0791
.exe windows:4 windows x86 arch:x86

49b11722e7ab976237efd35aef6fc596

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GdiSetBatchLimit
GetEnhMetaFilePaletteEntries
CreateScalableFontResourceW
AbortPath
CheckColorsInGamut
ResetDCA
SelectClipRgn
SetLayout
ColorCorrectPalette
PlayEnhMetaFile
GetCharacterPlacementA
EndPath
SetSystemPaletteUse
OffsetWindowOrgEx
GetViewportOrgEx
ColorMatchToTarget
OffsetClipRgn
ResizePalette
PlgBlt
DeviceCapabilitiesExW
Arc
CreateCompatibleDC
Polygon
GetMetaFileBitsEx

user32

DefMDIChildProcA
CharLowerBuffA
CreateWindowStationW
LoadCursorW
OemToCharBuffA
GetIconInfo
GetFocus
IsClipboardFormatAvailable
MsgWaitForMultipleObjects
SetDoubleClickTime
RealChildWindowFromPoint
GetClipboardFormatNameA
GetClientRect

shell32

ExtractAssociatedIconW
SheGetDirA
ExtractAssociatedIconExA
DragQueryFileA
ShellExecuteEx
SHGetSpecialFolderPathA
RealShellExecuteExW
SHAppBarMessage
ExtractIconW
SHGetInstanceExplorer
SHGetPathFromIDList
CommandLineToArgvW
ExtractAssociatedIconA
SHEmptyRecycleBinA
ExtractIconExA
SHAddToRecentDocs
SHGetSettings
SHFileOperationW
SheChangeDirA
SHGetDiskFreeSpaceA
SHInvokePrinterCommandW
DragQueryFileAorW
SHGetFileInfo
DragQueryPoint

advapi32

CryptVerifySignatureW
CryptGetDefaultProviderW
InitiateSystemShutdownW
RevertToSelf
RegQueryValueExW
CryptDuplicateHash
CreateServiceW
RegCreateKeyW
RegSetValueA
AbortSystemShutdownW
RegSetKeySecurity
RegEnumValueA
CryptSetKeyParam
CryptDestroyKey
LookupPrivilegeValueA
CryptSetProviderW
LookupSecurityDescriptorPartsA
LookupSecurityDescriptorPartsW
RegConnectRegistryW
RegSetValueW

kernel32

HeapFree
GetTimeZoneInformation
GetCurrentThreadId
GetSystemInfo
TlsFree
GetTickCount
GetCommandLineW
GetCurrentProcessId
GetModuleHandleA
CompareStringA
GetCPInfo
LCMapStringA
EnumSystemLocalesA
LoadLibraryA
WritePrivateProfileStructA
GetStringTypeA
GetLastError
FreeEnvironmentStringsA
FindResourceW
GetFileType
GetACP
TlsGetValue
TerminateProcess
CompareStringW
GetCommandLineA
HeapSize
FreeEnvironmentStringsW
WideCharToMultiByte
QueryPerformanceCounter
HeapAlloc
GetSystemTimeAsFileTime
VirtualQuery
GetVolumeInformationW
WriteFile
GetEnvironmentStringsW
GetStdHandle
EnterCriticalSection
GetDateFormatA
DeleteCriticalSection
lstrlenA
SetHandleCount
GetProcAddress
GetOEMCP
LeaveCriticalSection
IsBadWritePtr
TlsAlloc
SetLastError
UnhandledExceptionFilter
GetEnvironmentStrings
GetCurrentProcess
GetStartupInfoW
GetCurrentThread
GetLocaleInfoW
GetStartupInfoA
GetUserDefaultLCID
GetVersionExA
VirtualAlloc
GetModuleFileNameW
RtlUnwind
TlsSetValue
InterlockedExchange
LCMapStringW
GetModuleFileNameA
lstrcatA
SetEnvironmentVariableA
VirtualProtect
IsValidLocale
HeapReAlloc
VirtualFree
InitializeCriticalSection
HeapDestroy
HeapCreate
MultiByteToWideChar
ExitProcess
GetLocaleInfoA
GetTimeFormatA
GetStringTypeW
IsValidCodePage

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49b11722e7ab976237efd35aef6fc596

Headers

File Characteristics

Imports

gdi32

user32

shell32

advapi32

kernel32

Sections

.text Size: 138KB - Virtual size: 138KB

.data Size: 278KB - Virtual size: 284KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 138KB - Virtual size: 138KB

.data
Size: 278KB - Virtual size: 284KB

.rsrc
Size: 9KB - Virtual size: 9KB