c87aeb061b491efd97bbc97033bb2fa5

Sharing

Copy URL

Twitter E-mail

General

Target

c87aeb061b491efd97bbc97033bb2fa5
Size

173KB
MD5

c87aeb061b491efd97bbc97033bb2fa5
SHA1

3ee0750913cb8a226ec30b9fcc0f5e725fcb2b41
SHA256

9162526bf7721742728081b939da1912cb5e9ffbb81d2920ab25f528b82db581
SHA512

d7006415dc33d57c9e95c31d311252fed2c11ce269718036fff7532312ad69b59022c483141f710bf3826d898a758f2df91f95fadb885d601c5febad18fb6052
SSDEEP

3072:p/t8n3816DDLx2K5JggDlJy824ezDlieKKonXh63rYDp:p/tC36yxL5JgY1jezwRKmOi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c87aeb061b491efd97bbc97033bb2fa5

Files

c87aeb061b491efd97bbc97033bb2fa5
.exe windows:4 windows x86 arch:x86

053b605deb88b2c136458582d3e601a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathIsUNCW
PathFileExistsW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathAppendW

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyW
RegCloseKey
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW

user32

SetActiveWindow
OffsetRect
CharNextW
InvalidateRgn
GetMessagePos
IsChild
RemovePropW
AdjustWindowRectEx
UpdateWindow
GetClassInfoExW
CopyAcceleratorTableW
CallWindowProcW
GetClientRect
SetRect
IsRectEmpty
CreateWindowExW
GetForegroundWindow
IntersectRect
GetPropW
SetForegroundWindow
CharUpperW
MapWindowPoints
GetClassInfoW
GetMessageTime
InvalidateRect
GetClassLongW
WinHelpW
EqualRect
MessageBeep
SendDlgItemMessageA
IsWindow
GetNextDlgGroupItem
DefWindowProcW
IsIconic
GetTopWindow
GetNextDlgTabItem
GetWindowPlacement
LoadIconW
GetMenu
SetPropW
RegisterClassW
RegisterWindowMessageW
DestroyMenu

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

kernel32

LoadResource
GetLocaleInfoA
LocalFileTimeToFileTime
GetCalendarInfoW
SetFilePointer
GetCurrentDirectoryW
GetModuleHandleW
SizeofResource
GetLocaleInfoW
ConvertDefaultLocale
GetSystemDefaultLangID
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpiA
GetVersionExW
CreateFileW
GetThreadContext
GetCurrentProcessId
InterlockedExchange
GetFileAttributesW
RemoveDirectoryW
WriteFile
FreeLibrary
CreateDirectoryW
lstrcpyW
RaiseException
InterlockedDecrement
MoveFileW
EnumResourceNamesA
ReadFile
LockResource
CloseHandle
SystemTimeToFileTime
GetThreadLocale
InitializeCriticalSection
GetProcAddress
GetVersion
ReleaseMutex
ExitProcess
WaitForSingleObject
GetACP
FindResourceW
SetFileTime
DeleteCriticalSection
LoadLibraryW
FindNextFileW
VirtualFree
FindClose
MultiByteToWideChar
DeleteFileW
WideCharToMultiByte
FindFirstFileW
CreateMutexW
lstrcmpA

gdi32

DeleteObject
SetTextColor
GetDeviceCaps
SetViewportOrgEx
Escape
ExtTextOutW
GetRgnBox
SetWindowExtEx
SetMapMode
GetBkColor
GetObjectW
RestoreDC
SetBkColor
OffsetViewportOrgEx
PtVisible
TextOutW
GetClipBox
SaveDC
SelectObject
DeleteDC
ScaleViewportExtEx
CreateBitmap
RectVisible
GetViewportExtEx
GetWindowExtEx
GetMapMode
GetStockObject
ScaleWindowExtEx
GetTextColor
SetViewportExtEx
ExtSelectClipRgn
CreateRectRgnIndirect

ole32

CoRevokeClassObject
CoInitialize
OleIsCurrentClipboard
CoUninitialize
OleUninitialize
StgCreateDocfileOnILockBytes
CoGetClassObject
OleFlushClipboard
StgOpenStorageOnILockBytes
OleInitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CreateILockBytesOnHGlobal
CLSIDFromProgID
CLSIDFromString

oledlg

OleUIBusyW

comdlg32

GetFileTitleW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

053b605deb88b2c136458582d3e601a7

Headers

File Characteristics

Imports

shlwapi

advapi32

user32

winspool.drv

kernel32

gdi32

ole32

oledlg

comdlg32

shell32

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 66KB - Virtual size: 66KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 66KB - Virtual size: 66KB

.edata
Size: 1024B - Virtual size: 92KB