de18ef4a73e117efde95d1b887159e33

General

Target

de18ef4a73e117efde95d1b887159e33
Size

181KB
MD5

de18ef4a73e117efde95d1b887159e33
SHA1

62b17e5500cd02a0f7f1c0cec0fc2b4fd308db75
SHA256

f124e7ffdc6180fb711227ad85e98d33af37e683d16b53d40b88747372f1ab8f
SHA512

a5a86ae594668f83f38c5f1b4f2a57d6054cddc3b447b027f4864a59cbc1d9aff72506afc2c4356e55279b88b63124428ae890363dbbd4d914d8a46f2acd9db5
SSDEEP

3072:x/UUboMRpXpib60xhUzGUPgx4kkonOoPUXy0BktziImtHaf6dENJL5ZxtI:RUUboMRpXsvxhU/g67onCi0BktWIF2ge

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de18ef4a73e117efde95d1b887159e33

Files

de18ef4a73e117efde95d1b887159e33
.exe windows:4 windows x86 arch:x86

9aa97c4dc9169e50a3b152c3a1cd1662

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
GetPrivateProfileIntW
FreeLibrary
GlobalUnlock
WideCharToMultiByte
GlobalAlloc
lstrcmpW
GetFileAttributesW
GlobalGetAtomNameA
GlobalFree
GetProcAddress
GlobalLock
FindFirstFileW
LockResource
GetPrivateProfileStringW
SetFileAttributesW
lstrlenW
GetModuleFileNameW
GetCurrentThreadId
FindClose
LoadResource
GetTickCount
InitializeCriticalSection
WritePrivateProfileStringW
lstrcpyW
GetLastError
EnumResourceTypesA
CloseHandle
LoadLibraryW
FindFirstChangeNotificationW
GetCurrentDirectoryW
FindCloseChangeNotification
FindNextChangeNotification
DeleteCriticalSection
GetLocaleInfoW
FileTimeToLocalFileTime
WaitForSingleObject
Sleep
MultiByteToWideChar
IsValidCodePage
LoadLibraryExW
GetVersionExA
FindResourceW
MulDiv
FileTimeToSystemTime
GetVersionExW
InterlockedIncrement
GetVersion
lstrcpynW
ResumeThread
GetModuleHandleW
LoadLibraryA
GlobalSize
SetThreadPriority

shell32

SHIsFileAvailableOffline
SHGetFolderPathW
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteExW
SHGetPathFromIDListA
ShellExecuteW
SHFileOperationW
CommandLineToArgvW
ShellExecuteExA
Shell_NotifyIconA

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9aa97c4dc9169e50a3b152c3a1cd1662

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 92KB - Virtual size: 92KB

.rdata Size: 2KB - Virtual size: 145KB

.data Size: 85KB - Virtual size: 85KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 92KB - Virtual size: 92KB

.rdata
Size: 2KB - Virtual size: 145KB

.data
Size: 85KB - Virtual size: 85KB

.rsrc
Size: 512B - Virtual size: 4KB