971ef7da81b0500c59369abea705c7db1e1f54099357a9cbf54d5bd6e8b57397

Sharing

Copy URL Twitter E-mail

General

Target

971ef7da81b0500c59369abea705c7db1e1f54099357a9cbf54d5bd6e8b57397
Size

80KB
MD5

45737bc1a9eb7af41631172fd4eb034a
SHA1

813e1fb0e0e15de12d0d449fbc099c016068ea7d
SHA256

971ef7da81b0500c59369abea705c7db1e1f54099357a9cbf54d5bd6e8b57397
SHA512

92507f981955257279a64b2ebf43179f61a9cd73c654299202402480c7d357e7768642afdc3a05cdfb104f1ea30c9943444c38c6ef8804785c6a7eeecc9f5046
SSDEEP

768:DQrh3iiJU9DPMHoArjFOFQHyAIS44BKBgeLrk2hsjmch/oHT0c21ZTvY:DYyeUpoo+j/z8xEyUoHoZTv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
971ef7da81b0500c59369abea705c7db1e1f54099357a9cbf54d5bd6e8b57397

Files

971ef7da81b0500c59369abea705c7db1e1f54099357a9cbf54d5bd6e8b57397
.exe windows:4 windows x86 arch:x86

5e2d676f73c69ce152360273a18808e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
DeleteFileA
GetProcAddress
WinExec
LoadLibraryA
FreeLibrary
FlushFileBuffers
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetFileType
GetWindowsDirectoryA
WriteFile
GetEnvironmentStringsW
GetFileSize
FreeEnvironmentStringsW
GetTempFileNameA
GetTempPathA
GetCurrentProcess
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
RtlUnwind
HeapFree
HeapAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
CloseHandle
SetFilePointer
GetLastError
LocalFree
ReadFile
GetCommandLineA
FreeEnvironmentStringsA
UnhandledExceptionFilter
FormatMessageA
CreateFileA
RaiseException
GetStdHandle
SetHandleCount
GetEnvironmentStrings

user32

LoadAcceleratorsA
ShowWindow
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
RegisterClassA
TrackPopupMenu
PostQuitMessage
DestroyWindow
DefWindowProcA
SetWindowLongA
LoadMenuA
SetMenu
CreateWindowExA
LoadIconA
GetClientRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
PostMessageA
GetWindowLongA
GetWindowRect
GetCursorPos
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CheckMenuItem
GetMenu
GetSubMenu
EnableMenuItem
MessageBoxA
DialogBoxParamA
ChildWindowFromPoint
GetDlgItem
LoadCursorA
SetCursor
GetSysColorBrush
EndDialog
SetDlgItemTextA
SendMessageA
GetMessageA
UpdateWindow

gdi32

SetBkMode
DeleteObject
CreateFontIndirectA
SetTextColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegEnumKeyExA
RegQueryValueExA
RegEnumValueA

shell32

ShellExecuteA

ole32

CoTaskMemFree

comctl32

ImageList_ReplaceIcon
ImageList_SetImageCount
ImageList_Create
CreateToolbarEx
ord6
InitCommonControlsEx

oleaut32

GetErrorInfo

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e2d676f73c69ce152360273a18808e9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

oleaut32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 12KB - Virtual size: 10KB