c42676d32913f104d44225dded20fa48

Sharing

Copy URL

Twitter E-mail

General

Target

c42676d32913f104d44225dded20fa48
Size

761KB
MD5

c42676d32913f104d44225dded20fa48
SHA1

52688d95af124a037f068700e1ae290ddfb6468a
SHA256

58dbbdfb8b2d343c6b8723c0d7610ae1e206d3f954831f2df152596b2a7c7b0e
SHA512

f0027c548c6faebcc4c156889676ba114afe53e9222fbe3851cbb07e3253c47256e5af70322b773f4e7428970bab3f4b2204673210e76008d62d8258cf2b0f16
SSDEEP

12288:N7STb8CkgRL6YA9ibIeDi0IuhlHNeA1QIosTzIGU248TkN2dzeokoK9bliIFQ:KRLKib/Di0Iu3teMQs/IGG8lVeoyNvQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c42676d32913f104d44225dded20fa48

Files

c42676d32913f104d44225dded20fa48
.exe windows:4 windows x86 arch:x86

e68dc6157e0be75f5f5eef53a1d97ffb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

user32

DestroyMenu
PostQuitMessage
ReleaseDC
SetWindowPos
IsWindow
GetDC
GetClientRect
GetActiveWindow
DestroyWindow
GetParent
UpdateWindow
ShowWindow
EnableWindow
PeekMessageA
TranslateMessage
SetForegroundWindow
EnableMenuItem
RegisterClassA
GetWindowLongA
CreateWindowExA
FillRect
DispatchMessageA
EndPaint
SetFocus
GetSystemMetrics
GetWindowRect
PostMessageA
SetWindowLongA
SetWindowTextA
SetTimer
GetDlgItem
GetDesktopWindow
EndDialog
MoveWindow
MessageBoxA
GetSysColor
SetCursor
IsWindowVisible
InvalidateRect
SendMessageA
DrawTextA

kernel32

SetLastError
FormatMessageA
InterlockedDecrement
FindClose
CreateEventW
GetEnvironmentVariableA
GetStdHandle
ReleaseMutex
GetFileAttributesA
SetEvent
FindNextFileA
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
WideCharToMultiByte
lstrcmpiA
GetStringTypeA
InterlockedExchange
GetTimeZoneInformation
WaitForSingleObject
GetSystemTimeAsFileTime
SizeofResource
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
FormatMessageW
GetExitCodeProcess
InitializeCriticalSection
GetCommandLineA
GetLastError
GetCurrentThreadId
GetTickCount
GetCurrentProcessId
GetModuleHandleA
GetCurrentThread
GetVersion
ExitProcess
HeapAlloc
GetProcessHeap
CompareStringA
VirtualAlloc
FindResourceA
Sleep
VirtualFree
FindResourceW
UnmapViewOfFile
IsValidCodePage
TlsGetValue
GetModuleHandleW
GlobalLock
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
HeapSize
GetCPInfo
GetCommandLineW
GetEnvironmentStrings
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
HeapCreate
LCMapStringW
LeaveCriticalSection
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetModuleFileNameW
CreateProcessA
ExpandEnvironmentStringsA
DuplicateHandle
FindFirstFileW
CreateFileMappingA
ResetEvent
lstrcpyA
FindFirstFileA
lstrcmpA
CompareStringW
WriteFile
GetProcAddress
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
InterlockedIncrement
SetEndOfFile
GlobalAlloc
WriteConsoleA
SetUnhandledExceptionFilter
TerminateProcess
MulDiv
CreateThread
CreateMutexA
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
IsDebuggerPresent
LoadResource

gdi32

DeleteDC
DeleteObject
CreateCompatibleDC
SetTextColor
SelectObject
CreateSolidBrush
SetBkColor

advapi32

RegOpenKeyExW
RegQueryValueExW

oleaut32

SysAllocStringLen
SysFreeString
VariantInit
SysAllocString
VariantClear

Sections

.text
Size: 725KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e68dc6157e0be75f5f5eef53a1d97ffb

Headers

File Characteristics

Imports

version

ole32

user32

kernel32

gdi32

advapi32

oleaut32

Sections

.text Size: 725KB - Virtual size: 1.0MB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 725KB - Virtual size: 1.0MB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 18KB - Virtual size: 17KB