c93e49fe6ef07b0b90c5847307637d15

Sharing

Copy URL

Twitter E-mail

General

Target

c93e49fe6ef07b0b90c5847307637d15
Size

111KB
MD5

c93e49fe6ef07b0b90c5847307637d15
SHA1

f6a26975367cae4a914059f6f5d06bc4997a48a5
SHA256

506cd640d205d58caab3b4294eaf67c658f5e0d73775413523eec4f3de858390
SHA512

2bf679674aa2e0d38668dcf6bbd521d808a3267b30b5dbb4416f1bc77941184d5e75e33b5d622686544909b7d649b0e7fbe2cbd5d9e670262298d8ae3d1dedf7
SSDEEP

3072:9f4BEFPTZvgcb88zFZjx9nS7Dv/1kBP2H86XYYInMX5dXgy:hTL88zrI/10PZypd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c93e49fe6ef07b0b90c5847307637d15

Files

c93e49fe6ef07b0b90c5847307637d15
.exe windows:5 windows x86 arch:x86

10ccc435734b1345970b8d9682aab43c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
GetVersionExW
OpenProcess
GetTickCount
VirtualProtect
SetStdHandle
QueryPerformanceCounter
CreateProcessA
GetSystemTime
WideCharToMultiByte
GetModuleHandleA

msvcrt

_except_handler3
strstr
_XcptFilter
fflush
__p__fmode
_adjust_fdiv
__set_app_type
_initterm
exit
__getmainargs
wcschr
_acmdln
log
atof
strcmp
putchar
ctime
wcstombs
__setusermatherr
swprintf
__p__commode
_purecall

user32

RemoveMenu
GetKeyboardType
UpdateWindow
InsertMenuItemA
LoadBitmapA
EqualRect
ShowOwnedPopups
SendMessageA
SetCapture
GetFocus
ShowWindow
BeginPaint
PostMessageA
LoadIconA
InvalidateRect
GetKeyState

shell32

ExtractIconExW
Shell_NotifyIconA
SHGetFolderLocation
SHBindToParent
DragAcceptFiles
SHGetPathFromIDListW
SHFileOperationA
SHBrowseForFolderW
ExtractIconExA

version

VerLanguageNameA
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeA

ole32

IsAccelerator
CoTaskMemRealloc
OleRun
IsEqualGUID
OleIsCurrentClipboard
StringFromCLSID
OleInitialize
GetRunningObjectTable

oleaut32

GetErrorInfo
SafeArrayCreate
SafeArrayGetUBound
VariantInit

advapi32

OpenProcessToken
RegQueryInfoKeyW
RegSetValueExW
AddAccessAllowedAce
CryptAcquireContextA
SetSecurityDescriptorGroup
RegSetValueExA
IsValidSid
CryptCreateHash

gdi32

SetPixel
PolylineTo
GetCurrentObject
SetMetaFileBitsEx
IntersectClipRect
StretchBlt
CreateFontA
GetBkColor
AddFontResourceA
SaveDC
CreateDCA
GetClipRgn

comctl32

CreateStatusWindowA
ImageList_LoadImageW
ImageList_AddMasked
CreatePropertySheetPageA
ImageList_Replace
ImageList_Write
ImageList_DragEnter
PropertySheetA

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10ccc435734b1345970b8d9682aab43c

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

version

ole32

oleaut32

advapi32

gdi32

comctl32

Sections

.text Size: 53KB - Virtual size: 52KB

.data Size: 42KB - Virtual size: 41KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 53KB - Virtual size: 52KB

.data
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 15KB - Virtual size: 15KB