60908b7318ca5a0544ccd1fe992198505a04436e96590925e39bb59023b9b6c9

Sharing

Copy URL Twitter E-mail

General

Target

60908b7318ca5a0544ccd1fe992198505a04436e96590925e39bb59023b9b6c9
Size

2.2MB
MD5

ec7e64d0cf053f47e241271d5686e2c4
SHA1

397eec6cfd04e1373d03bf48a05ea4aee9d84b9c
SHA256

60908b7318ca5a0544ccd1fe992198505a04436e96590925e39bb59023b9b6c9
SHA512

004a1df67b18b013f31d87eefee422375573eea823ddd7fcc58abf1d28b7d688bb0bfebc480aca50b603b1ba7f9b8246a1e35b14d112cf2249d7bda1aed04271
SSDEEP

49152:HY2qXM0lyaG+orCDRAHgKoNo/oJ1G0B0imj:42qXwfXCSPoNb9mj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60908b7318ca5a0544ccd1fe992198505a04436e96590925e39bb59023b9b6c9

Files

60908b7318ca5a0544ccd1fe992198505a04436e96590925e39bb59023b9b6c9
.exe windows:4 windows x86 arch:x86

2114ba616ff8ddd44e6ae041cf4ac6cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_onexit
_controlfp
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_exit
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
strcmp
??2@YAPAXI@Z
??3@YAXPAX@Z
vsprintf
memmove
memcpy
_rmdir
strlen
strcat
_access
remove
strcpy
strrchr
_splitpath
_makepath
memset
strncpy

kernel32

GlobalUnlock
CreateDirectoryA
GetModuleHandleA
GetStartupInfoA
_lclose
_lcreat
GetTempFileNameA
_lwrite
_llseek
_lopen
lstrlenA
OpenFile
Sleep
FreeLibrary
LoadLibraryA
GetModuleFileNameA
_lread
SetErrorMode
GlobalFree
FindClose
GlobalLock
GlobalAlloc
GlobalSize
GlobalReAlloc
GetProcAddress
GetTempPathA
GetShortPathNameA
RemoveDirectoryA
FindNextFileA
DeleteFileA
FindFirstFileA
WinExec

user32

GetKeyState
MessageBoxA
WaitMessage
DispatchMessageA
wsprintfA
LoadIconA
SetWindowTextA
GetDlgItem
EndDialog
DialogBoxParamA
ExitWindowsEx
SetWindowPos
GetWindowRect
DestroyWindow
CreateWindowExA
ShowWindow
RegisterClassA
GetClassInfoA
GetWindowTextLengthA
SetFocus
MoveWindow
SendMessageA
CallWindowProcA
DrawTextA
IsDlgButtonChecked
PeekMessageA
TranslateMessage
DefWindowProcA
LoadStringA

gdi32

GetStockObject

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

MsgDisplayString
_FindEmbeddedMovie
_GetCurrentEmbeddedMovie
_HandleWaitingMessages

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2114ba616ff8ddd44e6ae041cf4ac6cc

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 6KB - Virtual size: 8KB

.rsrc Size: 52KB - Virtual size: 52KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 52KB - Virtual size: 52KB