c944d68dffe67e2d03f86ccef6304504

Sharing

Copy URL

Twitter E-mail

General

Target

c944d68dffe67e2d03f86ccef6304504
Size

183KB
MD5

c944d68dffe67e2d03f86ccef6304504
SHA1

6334a2a9be21fee3d10ba747f24b020c2ac01a2c
SHA256

3569b1de9692e5ca5c8a7fb73d52bdabd6bddfd652cab6d10cfb2c2a69c96e6d
SHA512

e4839499736c9d8693167e2c53d87065a2f49d72397bcce3d72af44cfdb194d33cdf2841891b85628507c3964e79fa8d18b2750627d7c9944a0891d379648658
SSDEEP

3072:RIL4cewfF6FmgF63CLjPentd85YPx37jfA0YC5HE9WVHzYmQWuB:RMY4FobF63OutzPV3fpYCxMkH7u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c944d68dffe67e2d03f86ccef6304504

Files

c944d68dffe67e2d03f86ccef6304504
.exe windows:4 windows x86 arch:x86

3a273b6b8e7b4ffae0995b9f0afd3530

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoCreateInstance
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoInitialize
OleFlushClipboard
CoRetireServer
CoUninitialize
CoRevokeClassObject
CoTaskMemFree
CLSIDFromProgID
OleIsCurrentClipboard
OleInitialize
OleUninitialize
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoGetClassObject
StgOpenStorageOnILockBytes
CLSIDFromString

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegDeleteKeyW
RegCloseKey
RegOpenKeyW
RegCreateKeyExW
RegEnumKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueW
RegQueryValueExW

shlwapi

PathFindFileNameW
PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathRemoveFileSpecW
PathFileExistsW
PathAppendW

gdi32

GetMapMode
SetWindowExtEx
SetViewportOrgEx
ScaleViewportExtEx
DeleteDC
ExtSelectClipRgn
OffsetViewportOrgEx
PtVisible
ScaleWindowExtEx
Escape
GetDeviceCaps
RectVisible
ExtTextOutW
GetStockObject
SelectObject
GetTextColor
TextOutW
GetBkColor
GetRgnBox

kernel32

RemoveDirectoryW
GetCalendarInfoW
CreateDirectoryW
SystemTimeToFileTime
GetSystemDefaultLangID
InterlockedDecrement
FindNextFileW
GetLocaleInfoW
LocalFileTimeToFileTime
ReadFile
DeleteFileW
lstrcpyW
GetCurrentProcessId
LoadLibraryW
GetFileAttributesW
MultiByteToWideChar
EnumResourceNamesA
SetFileTime
GetModuleFileNameW
SetFilePointer
ExitProcess
EnumResourceLanguagesW
CreateFileW
ConvertDefaultLocale
GetVersion
WriteFile
FindFirstFileW
MoveFileW
WideCharToMultiByte
FindClose
GetCurrentDirectoryW
GetProcAddress

user32

CharNextW
RegisterWindowMessageW
SetRect
GetNextDlgTabItem
InvalidateRgn
GetNextDlgGroupItem
GetPropW
IsRectEmpty
InvalidateRect
GetClassLongW
SetPropW
WinHelpW
CreateWindowExW
MessageBeep
GetClassInfoExW
CopyAcceleratorTableW
RemovePropW
SendDlgItemMessageA
CharUpperW
DestroyMenu

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a273b6b8e7b4ffae0995b9f0afd3530

Headers

File Characteristics

Imports

oleacc

ole32

shell32

advapi32

shlwapi

gdi32

kernel32

user32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 74KB - Virtual size: 74KB

.edata Size: 1024B - Virtual size: 372KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 74KB - Virtual size: 74KB

.edata
Size: 1024B - Virtual size: 372KB