19749861f8389a72c40b46b32565efdf42bb1ad9061501b644a7268899f7368f

Sharing

Copy URL Twitter E-mail

General

Target

19749861f8389a72c40b46b32565efdf42bb1ad9061501b644a7268899f7368f
Size

470KB
MD5

30a2d20cef51e18d74d98100b6135b36
SHA1

4c21afdc0c34820a01b593ca034dc10c06281db4
SHA256

19749861f8389a72c40b46b32565efdf42bb1ad9061501b644a7268899f7368f
SHA512

6c0db2ea2984edaad056f1e6597c97eb9ee659a06834897a685170d25d46718ef173705f943ee2e8299df5c517ff98e594f5161903e9ad0a793f5b085db0234c
SSDEEP

12288:iaH9bj958ZN9aRwHHv2RM57+siy1cF+F26j/lEUHjv1piKVr2eZiG:Qt7+W265PWAqeZr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19749861f8389a72c40b46b32565efdf42bb1ad9061501b644a7268899f7368f

Files

19749861f8389a72c40b46b32565efdf42bb1ad9061501b644a7268899f7368f
.exe windows:4 windows x86 arch:x86

c699e2fb67b3cab388af31fd621dea0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
CompareStringA
InitializeCriticalSection
lstrcpyn
RtlUnwind
GetStartupInfoA
SetThreadPriority
GetCurrentProcess
GetLocaleInfoA
VirtualAlloc
IsDebuggerPresent
HeapDestroy
HeapReAlloc
GetEnvironmentStrings
LockFileEx
GetDateFormatA
FreeEnvironmentStringsA
InterlockedIncrement
GetModuleFileNameA
FreeLibrary
GetProcessHeap
WriteFile
GetCommandLineA
GetOEMCP
VirtualFree
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetLocaleInfoW
EnumSystemLocalesA
GetTimeZoneInformation
QueryPerformanceCounter
SetLastError
LCMapStringW
GetProcessShutdownParameters
LCMapStringA
SetEnvironmentVariableA
EnterCriticalSection
HeapAlloc
GetFileType
HeapFree
WriteConsoleOutputAttribute
TlsSetValue
GetCurrentProcessId
SetCriticalSectionSpinCount
GetStartupInfoW
UnhandledExceptionFilter
MultiByteToWideChar
GetTimeFormatA
DeleteCriticalSection
GetCommandLineW
GetStdHandle
FreeEnvironmentStringsW
TlsAlloc
LeaveCriticalSection
GetProcessHeaps
VirtualUnlock
TlsGetValue
TlsFree
Sleep
LocalFileTimeToFileTime
LoadLibraryExW
IsValidLocale
WideCharToMultiByte
GetFullPathNameW
CompareStringW
GetStringTypeW
GetProcAddress
GetCurrentThread
GetEnvironmentStringsW
GetThreadSelectorEntry
HeapSize
InterlockedExchange
GetUserDefaultLCID
SetUnhandledExceptionFilter
GetLastError
VirtualQuery
SetHandleCount
SetConsoleCtrlHandler
GetFileSize
InterlockedDecrement
GetCurrentThreadId
GetVersionExA
FindFirstFileW
TerminateProcess
GetCPInfo
HeapCreate
GlobalGetAtomNameW
GetModuleHandleA
IsValidCodePage
GetModuleFileNameW
GetStringTypeA
GetStringTypeExA
ExitProcess

user32

CreateCursor
GetWindowLongW
MessageBeep
GetWindow
UnloadKeyboardLayout
LoadStringW
GrayStringA
LoadImageA
SetClipboardViewer
InsertMenuItemA
TranslateAcceleratorA
AppendMenuW
RegisterClassA
SetRect
LoadBitmapW
GetInputState
GetSubMenu
IsDialogMessageA
LoadMenuA

gdi32

CreateBitmapIndirect
SelectPalette
GetTextFaceW
GetAspectRatioFilterEx
SetPixelFormat
PlayEnhMetaFile
ExtSelectClipRgn

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c699e2fb67b3cab388af31fd621dea0f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 151KB - Virtual size: 150KB

.data Size: 311KB - Virtual size: 311KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 151KB - Virtual size: 150KB

.data
Size: 311KB - Virtual size: 311KB

.rsrc
Size: 7KB - Virtual size: 6KB