dfc97a428519988a30262724617b1151

Sharing

Copy URL Twitter E-mail

General

Target

dfc97a428519988a30262724617b1151
Size

216KB
MD5

dfc97a428519988a30262724617b1151
SHA1

92cc35a10e1681377f79272fb38bfea1a68cd84c
SHA256

245b8f5965b1a8e3a3eb639712e4df515dbf4410a9d6cfa87cc49ad4b1a53298
SHA512

4cce8785bc4ee0d0434c2776d2aef4c76cbced9b09eb8f7f891c76e373120161e3d4b9170652a0dfeede8bb249b29187df01eb9265221ac9141b12ba8243b197
SSDEEP

6144:aKS8PhaOScof0NNUMQBP+p9ZwstX/yGMYL9:aKSIhaOIMfUt0jZwOy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfc97a428519988a30262724617b1151

Files

dfc97a428519988a30262724617b1151
.exe windows:4 windows x86 arch:x86

001fdc056bf2a724bbccdf52e1e3e515

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegLoadKeyA
GetLengthSid
RegEnumKeyExA
RegOpenKeyA

comctl32

ImageList_DrawEx
ImageList_Create
ImageList_Read
ImageList_Destroy
ImageList_GetBkColor
ImageList_Add
ImageList_DragShowNolock
ImageList_Remove

msvcrt

wcstol
strncmp

gdi32

GetDIBits
CreateDIBitmap

oleaut32

GetErrorInfo
SafeArrayGetElement
SafeArrayCreate
RegisterTypeLib

user32

GetCursor
EmptyClipboard
SetRect

shlwapi

SHSetValueA
PathIsDirectoryA
SHEnumValueA
PathIsContentTypeA
PathGetCharTypeA
SHStrDupA
SHDeleteValueA

kernel32

IsBadReadPtr
IsBadHugeReadPtr
GlobalAlloc
GetModuleHandleA
LoadLibraryExA
GetLastError
LoadLibraryA
lstrcatA
VirtualAllocEx
GetCommandLineA
LocalReAlloc
GetProcAddress
GetEnvironmentStrings
LocalAlloc
GetOEMCP
ExitThread
lstrlenA
GetACP
HeapDestroy
ExitProcess
GlobalDeleteAtom

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Rsrc8
Size: 1024B - Virtual size: 783B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Rsrc3
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Rsrc9
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Rsrc5
Size: 1KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Rsrc2
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Rsrc4
Size: 1024B - Virtual size: 730B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

001fdc056bf2a724bbccdf52e1e3e515

Headers

File Characteristics

Imports

advapi32

comctl32

msvcrt

gdi32

oleaut32

user32

shlwapi

kernel32

Sections

.text Size: 62KB - Virtual size: 62KB

DATA Size: 140KB - Virtual size: 140KB

.Rsrc8 Size: 1024B - Virtual size: 783B

.Rsrc3 Size: 3KB - Virtual size: 3KB

.Rsrc9 Size: 2KB - Virtual size: 1KB

.Rsrc5 Size: 1KB - Virtual size: 73KB

.Rsrc2 Size: 2KB - Virtual size: 1KB

.Rsrc4 Size: 1024B - Virtual size: 730B

.rsrc Size: 1024B - Virtual size: 920B

.text
Size: 62KB - Virtual size: 62KB

DATA
Size: 140KB - Virtual size: 140KB

.Rsrc8
Size: 1024B - Virtual size: 783B

.Rsrc3
Size: 3KB - Virtual size: 3KB

.Rsrc9
Size: 2KB - Virtual size: 1KB

.Rsrc5
Size: 1KB - Virtual size: 73KB

.Rsrc2
Size: 2KB - Virtual size: 1KB

.Rsrc4
Size: 1024B - Virtual size: 730B

.rsrc
Size: 1024B - Virtual size: 920B