19dbdc8e1cc2db05ec34b383835e576c988a952bf129b1107be2417bd1ea9bf9[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

19dbdc8e1cc2db05ec34b383835e576c988a952bf129b1107be2417bd1ea9bf9.exe
Size

464KB
MD5

03cab5cd99507d3d74ad8625a907e45e
SHA1

db545c28084a87f6ab3403e79930ba2db31ed080
SHA256

19dbdc8e1cc2db05ec34b383835e576c988a952bf129b1107be2417bd1ea9bf9
SHA512

1af9b4e7247f0f9c33ec9880f47255e0e07831f6b137c9e13778c984850a013e919ade3d439237f36d8e3052859e14cfa6439b121b78e12475066db241c6577f
SSDEEP

6144:S/uOFSwSCnRJjHc5se/zDqkJvNbtp19HEG3Iyz+CF7E5u9FcFd5YAImsdW1:AFS2HHQ7zDq+ZtT9N6Cla8msdc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19dbdc8e1cc2db05ec34b383835e576c988a952bf129b1107be2417bd1ea9bf9.exe

Files

19dbdc8e1cc2db05ec34b383835e576c988a952bf129b1107be2417bd1ea9bf9.exe
.exe windows:4 windows x86 arch:x86

4fcf1ae4e1a3a4d5879ecd6c2a8450a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ShowWindow
GetWindowDC
ShowWindowAsync
LoadStringW
SendMessageA
EndPaint
GetCursorPos
IsWindowVisible
GetParent
IsWindowUnicode
BeginPaint
MessageBoxW
PostQuitMessage
GetClientRect
InvalidateRect
EndDialog
SetCursor
GetWindowLongW
GetDlgItemTextA
TranslateMessage

kernel32

CompareStringA
GetTimeZoneInformation
GetLocaleInfoW
HeapSize
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
RtlUnwind
HeapReAlloc
InitializeCriticalSection
CompareStringW
GetEnvironmentStrings
IsDebuggerPresent
GetVersionExA
VirtualAlloc
GetCurrentThread
GetEnvironmentStringsW
Sleep
GetProcAddress
LoadLibraryA
GetCommandLineA
RaiseException
HeapAlloc
GetStdHandle
GetOEMCP
CreateEventW
TlsAlloc
GetModuleHandleW
CloseHandle
GetTickCount
UnhandledExceptionFilter
InterlockedExchange
FreeLibrary
HeapFree
GetProcessHeap
GetStartupInfoA
GetModuleHandleA
ExitProcess
WriteFile
GetModuleFileNameA
SetEnvironmentVariableA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler

advapi32

RegOpenKeyExW

shlwapi

SHDeleteValueW

Sections

.text
Size: 420KB - Virtual size: 418KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fcf1ae4e1a3a4d5879ecd6c2a8450a8

Headers

File Characteristics

Imports

user32

kernel32

advapi32

shlwapi

Sections

.text Size: 420KB - Virtual size: 418KB

.data Size: 28KB - Virtual size: 24KB

.tls Size: 4KB - Virtual size: 105B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 420KB - Virtual size: 418KB

.data
Size: 28KB - Virtual size: 24KB

.tls
Size: 4KB - Virtual size: 105B

.reloc
Size: 8KB - Virtual size: 4KB