26353893d0a63b824e7244b571fc98ec2eff47f990fd1d83800d6dddd18ba46b

Sharing

Copy URL

Twitter E-mail

General

Target

26353893d0a63b824e7244b571fc98ec2eff47f990fd1d83800d6dddd18ba46b
Size

211KB
MD5

45b12cf142eb922d85ae587e52bd35db
SHA1

6e64c501d6205cc11d4743b2dadb499657c3af35
SHA256

26353893d0a63b824e7244b571fc98ec2eff47f990fd1d83800d6dddd18ba46b
SHA512

33a5774f343ab05ca81835a5344d8f5ae89babd5bc856efac73946837abb9870f6526e069016dd89a3093d9dd7a5948a2ebd72c534db6d7fbf3e705f813cfce2
SSDEEP

6144:zmKVGe1XIpQiU/ma3MB8hH2Tkp6bYnWcZVol0N5TzQ3:j71YpQiU/RcO1VQInVob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26353893d0a63b824e7244b571fc98ec2eff47f990fd1d83800d6dddd18ba46b

Files

26353893d0a63b824e7244b571fc98ec2eff47f990fd1d83800d6dddd18ba46b
.exe windows:4 windows x86 arch:x86

088303a3216315a2ba8d66c94c7b80a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
SetComputerNameA
GlobalFindAtomW
Beep
IsBadReadPtr
BeginUpdateResourceW
WaitForSingleObject
lstrcpyA
GetLogicalDrives
GetProcAddress
SetCurrentDirectoryW
FindResourceW
FileTimeToLocalFileTime
GetFileTime
GetThreadLocale
MulDiv
EnumTimeFormatsW
ExpandEnvironmentStringsA
CreateNamedPipeA
GetVolumeInformationA
GetSystemTime
GetLastError
GetProcessHeap
GetWindowsDirectoryW
GetStartupInfoW
GetSystemInfo
ExitProcess
GetTempFileNameA
GetVolumeInformationW
CreateSemaphoreA
SetCalendarInfoW
lstrcmpA
lstrcmpiA
CreateFileA
GetUserDefaultLangID
GlobalAlloc
GetModuleHandleA
GetDateFormatW
SleepEx

user32

wvsprintfW
GetDesktopWindow
CopyImage
GetMenuInfo
LoadMenuW
SetWindowRgn
MessageBoxIndirectW
PostMessageA
GetActiveWindow
GetWindowRect
SetWindowPos
MonitorFromPoint
CreateDialogParamA
SetDlgItemInt
WinHelpA
GetSystemMetrics
GetDC
SetWindowLongA
GetSysColorBrush
InsertMenuA
DrawTextA
EnumDesktopWindows
InsertMenuItemW
GetWindowRgn
LoadMenuA
OpenClipboard
IsChild
EnableMenuItem
LoadMenuIndirectW
ShowCaret
SetCursorPos
MessageBeep
EnumWindows
GetClientRect
CreateDialogParamW
InsertMenuW

gdi32

CreateFontIndirectA
ResizePalette
PolyBezier
SaveDC
ScaleWindowExtEx
CloseEnhMetaFile
SetBoundsRect
SetViewportExtEx

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegRestoreKeyW

comdlg32

GetOpenFileNameW
ChooseFontA
GetFileTitleW
PrintDlgExW
PrintDlgW

setupapi

SetupDiSetDeviceInstallParamsA
SetupGetLineTextA
SetupQueueCopyW
SetupDiEnumDeviceInfo
pSetupVerifyCatalogFile
CM_Get_Device_Interface_List_SizeA

version

VerInstallFileA
VerLanguageNameW
VerFindFileA

urlmon

RegisterMediaTypes
GetClassURL

winmm

waveOutGetPlaybackRate
timeKillEvent

winspool.drv

GetFormA

inetcomm

HrAttachDataFromFile
MimeGetAddressFormatW
MimeOleGetCodePageInfo
MimeOleStripHeaders
HrGetLastOpenFileDirectoryW
MimeOleCreateSecurity

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lm
Size: 1024B - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qaQL
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yP
Size: 3KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bPUeWG
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PaB
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dOh
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HvNW
Size: 1024B - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pPJb
Size: 512B - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bBut
Size: 512B - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

088303a3216315a2ba8d66c94c7b80a0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comdlg32

setupapi

version

urlmon

winmm

winspool.drv

inetcomm

Sections

.text Size: 11KB - Virtual size: 11KB

.lm Size: 1024B - Virtual size: 35KB

.qaQL Size: 2KB - Virtual size: 5KB

.yP Size: 3KB - Virtual size: 40KB

.bPUeWG Size: 2KB - Virtual size: 20KB

.PaB Size: 1024B - Virtual size: 5KB

.data Size: 14KB - Virtual size: 14KB

.dOh Size: 1KB - Virtual size: 6KB

.HvNW Size: 1024B - Virtual size: 43KB

.pPJb Size: 512B - Virtual size: 30KB

.bBut Size: 512B - Virtual size: 207KB

.rsrc Size: 170KB - Virtual size: 169KB

.reloc Size: 1024B - Virtual size: 954B

.text
Size: 11KB - Virtual size: 11KB

.lm
Size: 1024B - Virtual size: 35KB

.qaQL
Size: 2KB - Virtual size: 5KB

.yP
Size: 3KB - Virtual size: 40KB

.bPUeWG
Size: 2KB - Virtual size: 20KB

.PaB
Size: 1024B - Virtual size: 5KB

.data
Size: 14KB - Virtual size: 14KB

.dOh
Size: 1KB - Virtual size: 6KB

.HvNW
Size: 1024B - Virtual size: 43KB

.pPJb
Size: 512B - Virtual size: 30KB

.bBut
Size: 512B - Virtual size: 207KB

.rsrc
Size: 170KB - Virtual size: 169KB

.reloc
Size: 1024B - Virtual size: 954B