1095557564402c8b3dd55675db4065ade80135e3b9efe0f58581248a1a4489cc

Sharing

Copy URL Twitter E-mail

General

Target

1095557564402c8b3dd55675db4065ade80135e3b9efe0f58581248a1a4489cc
Size

260KB
MD5

41c448b57f6dcf40b8f386f0a6787b04
SHA1

79fb684f1020df34971c3efc0177d2c90dfd1832
SHA256

1095557564402c8b3dd55675db4065ade80135e3b9efe0f58581248a1a4489cc
SHA512

2c801614f76849d13c812abab1f1c47c62dd0f6e1c144b520a57c8a79fdb2d81fb655bfb27280b0f2d968dc1fc161a239c2634f5bcba732a8aa50760f24da1f1
SSDEEP

6144:6Pzon6O1k4ZmXquk9TrYQbhM4XXZy+gjLQz3jJ5Q2B:6PzojdmXqz9BhM4XZmjLs3j42B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1095557564402c8b3dd55675db4065ade80135e3b9efe0f58581248a1a4489cc

Files

1095557564402c8b3dd55675db4065ade80135e3b9efe0f58581248a1a4489cc
.exe windows:5 windows x86 arch:x86

19d87f390ea4572129fe20b34bd2ff80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
DecodePointer
GetFileType
SetStdHandle
LCMapStringW
SetLastError
GetStringTypeW
HeapAlloc
HeapFree
GetACP
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
WriteFile
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
SetFilePointerEx
WriteConsoleW
GetDateFormatA
GetTimeFormatA
GetVersionExA
GetFileAttributesExA
GetProfileStringA
GetModuleHandleA
LoadLibraryA
OpenEventA
WaitForMultipleObjectsEx
lstrlenA
lstrcatA
lstrcmpiA
FormatMessageA
GetTickCount
GetLocalTime
FileTimeToSystemTime
GetSystemTime
CloseHandle
GetLastError
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStringsW
GetCurrentProcessId
GetCurrentProcess
LocalFree
LocalLock
GlobalUnlock
GlobalLock
GetStdHandle
VirtualQuery
EncodePointer
CreateFileW
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetProcAddress
InitializeCriticalSectionAndSpinCount
RtlUnwind
RaiseException
TerminateProcess
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection

user32

GetMenu
SetMenu
GetSystemMenu
CheckMenuItem
GetSubMenu
RegisterWindowMessageA
SendMessageA
EnableWindow
MsgWaitForMultipleObjectsEx
GetMenuItemID
AppendMenuA
DrawIcon
DrawTextA
UpdateWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
SetCapture
RegisterClipboardFormatA
GetDlgItemTextA
SendMessageTimeoutA
DefWindowProcA
PostQuitMessage
RegisterClassA
CreateWindowExA
ShowWindow
GetDlgItem
GetScrollInfo
EnumDisplaySettingsA
InvalidateRect
SetScrollInfo
LoadIconA
LoadCursorA
LoadBitmapA
GetTopWindow
SetWindowLongA
GetWindowWord
SetRect
FillRect
GetSysColorBrush
SetCaretPos
MessageBeep
MessageBoxA
GetClientRect
SetWindowPos

gdi32

MoveToEx
GetObjectA
SetTextColor
SetMapMode
SelectObject
Rectangle
PatBlt
LineTo
GetTextCharsetInfo
GetTextCharacterExtra
GetSystemPaletteUse
GetStockObject
GetMapMode
GetFontData
DeleteObject
DeleteDC
CreateRectRgnIndirect
CreatePatternBrush
CreateFontIndirectA
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
BitBlt
DPtoLP

comdlg32

FindTextA
ReplaceTextA

advapi32

OpenThreadToken
GetFileSecurityA
GetSecurityDescriptorDacl
PrivilegeCheck
DeregisterEventSource
OpenProcessToken
ImpersonateNamedPipeClient
ReportEventA
RegisterEventSourceA

shell32

SHGetFileInfoA

ole32

CoInitialize
CoUninitialize
CreateBindCtx
RegisterDragDrop
ReleaseStgMedium
MkParseDisplayName

oleaut32

VariantInit
SystemTimeToVariantTime

avifil32

AVIMakeCompressedStream

winmm

waveOutOpen
waveOutPrepareHeader
waveOutWrite
waveInGetNumDevs
waveInOpen
mmioOpenA
mmioWrite
mmioCreateChunk

shlwapi

StrToIntExA

pdh

PdhBrowseCountersA

gdiplus

GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipLoadImageFromFile
GdipCloneImage
GdipDisposeImage

oleacc

ObjectFromLresult

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19d87f390ea4572129fe20b34bd2ff80

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

avifil32

winmm

shlwapi

pdh

gdiplus

oleacc

setupapi

Sections

.text Size: 142KB - Virtual size: 142KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 2KB - Virtual size: 5KB

.text Size: 5KB - Virtual size: 5KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 57KB - Virtual size: 56KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 142KB - Virtual size: 142KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 2KB - Virtual size: 5KB

.text
Size: 5KB - Virtual size: 5KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 57KB - Virtual size: 56KB

.reloc
Size: 12KB - Virtual size: 12KB