c614bf09e2eaeeeb2808e4d4340ae141

Sharing

Copy URL

Twitter E-mail

General

Target

c614bf09e2eaeeeb2808e4d4340ae141
Size

517KB
MD5

c614bf09e2eaeeeb2808e4d4340ae141
SHA1

1fbffa0e4eb53effae48bf105267d9674474bfb9
SHA256

afe3e8554b4ef0c44c3ae1b7d586c520b2038466754e30e14887df68df6a5823
SHA512

f23149aabc7d81b5dfac7d252ffd402a9ef579e9614f8da4d30ebba7694a62596ce20338724e6dbe728e105c7a495e25f6af532280857f6f57342ab3d029f530
SSDEEP

12288:ZqR9GT/NOACuzrjWBAh2MhwAnyNHJQVc2w1cNuPAGTqq:GITPzrt2MOJspw3PAy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c614bf09e2eaeeeb2808e4d4340ae141

Files

c614bf09e2eaeeeb2808e4d4340ae141
.exe windows:4 windows x86 arch:x86

9e0d40bd5c13869013e1281d8f567450

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDesktopFolder

kernel32

GetVersionExA
WideCharToMultiByte
GetStdHandle
OpenFile
GetLocaleInfoA
GetStringTypeA
HeapDestroy
GetStartupInfoW
WriteFileEx
TlsSetValue
VirtualFree
GetOEMCP
TerminateProcess
IsValidCodePage
VirtualQuery
WaitForSingleObject
SetFilePointer
ReadFile
HeapCreate
WriteFile
RtlUnwind
OpenMutexA
EnterCriticalSection
GetStartupInfoA
FreeEnvironmentStringsA
GetCurrentThreadId
GetDateFormatA
GetSystemTimeAsFileTime
GetCurrentProcess
CloseHandle
EnumSystemLocalesA
GetCurrentProcessId
EnumResourceTypesW
LCMapStringA
WritePrivateProfileStructA
IsBadWritePtr
DeleteCriticalSection
GetProcessHeaps
GetUserDefaultLCID
TlsAlloc
HeapReAlloc
HeapAlloc
VirtualProtect
GetModuleFileNameW
SetLastError
TlsFree
SetEnvironmentVariableA
SetFileAttributesA
GetProcAddress
UnhandledExceptionFilter
MultiByteToWideChar
GetCPInfo
WaitForSingleObjectEx
CompareStringW
GetLastError
GetCommandLineW
LeaveCriticalSection
SetStdHandle
LoadLibraryA
CreateMutexA
GetStringTypeW
GetModuleFileNameA
CompareStringA
InitializeCriticalSection
GetTimeZoneInformation
LCMapStringW
GetFileType
GetACP
GetModuleHandleA
GetCurrentThread
FlushFileBuffers
FreeEnvironmentStringsW
SetHandleCount
GetTickCount
WriteConsoleOutputCharacterA
GetCommandLineA
GetTimeFormatA
HeapFree
GetEnvironmentStrings
QueryPerformanceCounter
VirtualAlloc
InterlockedExchange
IsValidLocale
WaitCommEvent
HeapSize
ExitProcess
GetEnvironmentStringsW
TlsGetValue
GetSystemInfo
GetLocaleInfoW

user32

RegisterDeviceNotificationA
IsWindow
RemovePropW
GetOpenClipboardWindow
DestroyWindow
OpenDesktopW
SetDeskWallpaper
MessageBoxIndirectA
SetSystemCursor
SystemParametersInfoW
RegisterClassExA
GetWindowRgn
DefMDIChildProcW
SetClipboardData
UpdateWindow
RegisterClassA
GetUserObjectSecurity
SetShellWindow

comctl32

InitCommonControlsEx

comdlg32

GetFileTitleW

advapi32

RegQueryValueExA

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e0d40bd5c13869013e1281d8f567450

Headers

File Characteristics

Imports

shell32

kernel32

user32

comctl32

comdlg32

advapi32

Sections

.text Size: 183KB - Virtual size: 182KB

.rdata Size: 8KB - Virtual size: 13KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 183KB - Virtual size: 182KB

.rdata
Size: 8KB - Virtual size: 13KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 10KB - Virtual size: 10KB