4235a2e9c23fd9079db3bf192ed71fb86c1b5bd6304c35af599ebbb0365895b3

Sharing

Copy URL Twitter E-mail

General

Target

4235a2e9c23fd9079db3bf192ed71fb86c1b5bd6304c35af599ebbb0365895b3
Size

14.1MB
MD5

592c239963b4a20a617a2d25b3f8f33d
SHA1

af9d7b83e2f50d39c70622ac72eaaab5d6735477
SHA256

4235a2e9c23fd9079db3bf192ed71fb86c1b5bd6304c35af599ebbb0365895b3
SHA512

e953717a6c78865ad156b1dccf41c877f247ca2577e2b2b67832ef89563b3f477d65796486f4ae8c2961967449617021186c542615fbed4d6b790e8753125e34
SSDEEP

98304:hg87jbTETQpHhISLess24PVE0B7Zg3nKUq7mymKblaUDO4uhlOva52l/iS1l9WNh:PBCPVjTUgmnsDO4urX0z9WND

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4235a2e9c23fd9079db3bf192ed71fb86c1b5bd6304c35af599ebbb0365895b3

Files

4235a2e9c23fd9079db3bf192ed71fb86c1b5bd6304c35af599ebbb0365895b3
.exe windows:6 windows x86 arch:x86

4465f6aceddbdc0758959a8607d5a547

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueExA

gdi32

CreateSolidBrush

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileA
CreateIoCompletionPort
CreateThread
CreateWaitableTimerExW
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsW
FreeLibrary
GetConsoleMode
GetCurrentThreadId
GetEnvironmentStringsW
GetErrorMode
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatusEx
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetThreadContext
GlobalAlloc
GlobalFree
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OutputDebugStringA
PostQueuedCompletionStatus
RaiseFailFastException
ResumeThread
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetProcessPriorityBoost
SetThreadContext
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SuspendThread
SwitchToThread
TlsAlloc
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WerGetFlags
WerSetFlags
WideCharToMultiByte
WriteConsoleW
WriteFile

msvcrt

__getmainargs
__initenv
__mb_cur_max
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_beginthread
_cexit
_errno
_initterm
_iob
_lock
_onexit
_strtoi64
_strtoui64
_unlock
abort
atoi
calloc
exit
fprintf
fputc
free
fwrite
getc
isspace
isxdigit
localeconv
malloc
memcpy
memset
realloc
setlocale
signal
strchr
strerror
strlen
strncmp
strncpy
strtol
strtoul
tolower
ungetc
vfprintf
wcscmp
wcslen

ole32

CoCreateInstance
CoGetClassObject
CoTaskMemFree
OleInitialize
OleSetContainedObject
OleUninitialize

oleaut32

SafeArrayAccessData
SafeArrayCreate
SafeArrayDestroy
SysAllocString
SysFreeString
VariantClear
VariantInit

user32

AdjustWindowRect
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
GetClientRect
GetDesktopWindow
GetMessageA
GetMonitorInfoA
GetWindowLongA
GetWindowRect
MessageBoxA
MonitorFromWindow
PeekMessageA
PostMessageW
PostQuitMessage
RegisterClassExA
SetClassLongA
SetFocus
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow

Exports

Exports

_cgo_dummy_export
_webviewDispatchGoCallback
_webviewExternalInvokeCallback

Sections

.text
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 320KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4465f6aceddbdc0758959a8607d5a547

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

msvcrt

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 6.2MB - Virtual size: 6.2MB

.data Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 6.2MB - Virtual size: 6.2MB

.eh_fram Size: 12KB - Virtual size: 11KB

.bss Size: - Virtual size: 320KB

.edata Size: 512B - Virtual size: 156B

.idata Size: 5KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 48B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 137KB - Virtual size: 137KB

.reloc Size: 338KB - Virtual size: 338KB

.text
Size: 6.2MB - Virtual size: 6.2MB

.data
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 6.2MB - Virtual size: 6.2MB

.eh_fram
Size: 12KB - Virtual size: 11KB

.bss
Size: - Virtual size: 320KB

.edata
Size: 512B - Virtual size: 156B

.idata
Size: 5KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 48B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 137KB - Virtual size: 137KB

.reloc
Size: 338KB - Virtual size: 338KB