2534a7d280bc0cb7f5a4d216e3f264c3e80b537593b48875f124508f8ea161d5

Sharing

Copy URL Twitter E-mail

General

Target

2534a7d280bc0cb7f5a4d216e3f264c3e80b537593b48875f124508f8ea161d5
Size

212KB
MD5

c2f32123b9cb275ec826a3cdea016f35
SHA1

4c4048cd4bdfea8737b1ade802c4e0f362981c32
SHA256

2534a7d280bc0cb7f5a4d216e3f264c3e80b537593b48875f124508f8ea161d5
SHA512

a98afe91fa928b99b5bc9afe35d3386eb4ff342e27e0fa6fc963e2f8e2cdb3be64c03d6ebd8c143a9aa15e93d2546b0e1983e914acc542a1b79df0f7fe834455
SSDEEP

3072:pGwPsm1VrwxOsf0juzv8j4P1Hr6krr4IEhx9QZe2gO9mG9UHA30Vt3E/vDjb:pG/iVkO20SFgBhxtW9mG9+Umt3Ezjb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2534a7d280bc0cb7f5a4d216e3f264c3e80b537593b48875f124508f8ea161d5

Files

2534a7d280bc0cb7f5a4d216e3f264c3e80b537593b48875f124508f8ea161d5
.exe windows:4 windows x86 arch:x86

728b5168c443fc8cea3c0c483ddbb8ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
GetProcAddress
GetCurrentThread
WaitForMultipleObjects
GlobalAlloc
OpenMutexA
InitializeCriticalSection
AddAtomA
CompareStringA
CopyFileA
IsValidLocale
lstrcpynA
OpenEventW
GetModuleHandleA
GetStartupInfoA
GetSystemDefaultLCID
GetACP
GetCalendarInfoW
OpenWaitableTimerA
Sleep
GetSystemDefaultLangID
CreateSemaphoreW
ExpandEnvironmentStringsW
lstrlenA
GetDateFormatA
CreateMailslotW
SystemTimeToFileTime
BeginUpdateResourceA
GetExpandedNameW
SearchPathA
DosDateTimeToFileTime
GetWindowsDirectoryW
GetEnvironmentStringsW
GetStringTypeA
QueryPerformanceCounter

user32

GetDlgItemTextW
DialogBoxParamA
LoadMenuIndirectW
GetCapture
GetClassInfoW
IsIconic
LoadBitmapA
GetDC
PeekMessageW
GetMenuState
SetWindowTextW
GetWindowRect
UpdateWindow
GetForegroundWindow
DialogBoxIndirectParamA
ShowWindow
EnumClipboardFormats
AdjustWindowRect
SetCursorPos
ReleaseDC
InsertMenuA
CreateWindowExA
ActivateKeyboardLayout
LoadIconW
DrawTextA
DialogBoxIndirectParamW

gdi32

FillPath
UnrealizeObject
SetDIBits
CreateScalableFontResourceW
GetTextFaceA
CreateFontW
SelectClipRgn
AnimatePalette

advapi32

RegOpenKeyExA
RegOpenKeyW
RegDeleteKeyA
RegOpenKeyW

shlwapi

SHRegGetBoolUSValueW
PathIsUNCServerShareA
PathRemoveExtensionA
PathGetDriveNumberW
IntlStrEqWorkerA
PathMakePrettyA
StrCmpNIW
UrlCombineW

comctl32

DrawStatusText
CreateMappedBitmap
ImageList_Write

inetcomm

MimeOleGenerateCID
MimeOleSetBodyPropW
EssKeyExchPreferenceDecodeEx
CreateSMTPTransport
MimeOleSMimeCapInit
MimeOleSMimeCapGetHashAlg
MimeEditIsSafeToRun
MimeOleParseMhtmlUrl
EssSecurityLabelEncodeEx
MimeOleGetRelatedSection
MimeOleGetFileInfoW
EssReceiptRequestEncodeEx
MimeOleCreateSecurity
MimeOleFileTimeToInetDate
MimeOleSMimeCapGetEncAlg
MimeOleGetInternat
MimeOleSMimeCapAddCert
EssSignCertificateDecodeEx

oledlg

OleUIObjectPropertiesW
OleUIConvertW
OleUIPasteSpecialW
OleUIConvertA
OleUIPromptUserA
OleUIAddVerbMenuW
OleUIEditLinksA
OleUIPasteSpecialA

Sections

.qYS
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jvNc
Size: 2KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bCq
Size: 3KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gMFODl
Size: 3KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 109KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ifpDc
Size: 3KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Ox
Size: 2KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

728b5168c443fc8cea3c0c483ddbb8ff

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comctl32

inetcomm

oledlg

Sections

.qYS Size: 11KB - Virtual size: 11KB

.jvNc Size: 2KB - Virtual size: 405KB

.bCq Size: 3KB - Virtual size: 18KB

.gMFODl Size: 3KB - Virtual size: 329KB

.data Size: 109KB - Virtual size: 216KB

.ifpDc Size: 3KB - Virtual size: 207KB

.Ox Size: 2KB - Virtual size: 474KB

.rsrc Size: 73KB - Virtual size: 73KB

.reloc Size: 1024B - Virtual size: 740B

.qYS
Size: 11KB - Virtual size: 11KB

.jvNc
Size: 2KB - Virtual size: 405KB

.bCq
Size: 3KB - Virtual size: 18KB

.gMFODl
Size: 3KB - Virtual size: 329KB

.data
Size: 109KB - Virtual size: 216KB

.ifpDc
Size: 3KB - Virtual size: 207KB

.Ox
Size: 2KB - Virtual size: 474KB

.rsrc
Size: 73KB - Virtual size: 73KB

.reloc
Size: 1024B - Virtual size: 740B