da0cfe026b691e2b2ad0f8d1d7e9f0dc82cf57658bf7bffe25a3e938c6fe9a4d

Sharing

Copy URL Twitter E-mail

General

Target

da0cfe026b691e2b2ad0f8d1d7e9f0dc82cf57658bf7bffe25a3e938c6fe9a4d
Size

1.9MB
MD5

f70d3ab3f1db3e3a9b64cd21c0748287
SHA1

c1f9004d92243ad235a983faea27c871da31a4d5
SHA256

da0cfe026b691e2b2ad0f8d1d7e9f0dc82cf57658bf7bffe25a3e938c6fe9a4d
SHA512

2faae6018d929d30f91b095e897340dc02f3cd8a3e4c678eac1c9ce4039234887d236bdb9fd4fee48c045ef7030d153bede1e46b791fe26568dec77cfe401c6c
SSDEEP

49152:Q8R+Uw9wpSgUgUMnTL45bvEvDX+M7w/+d8BUOwk4RK:Qg+UwaHkMo5Avw/+ST4RK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da0cfe026b691e2b2ad0f8d1d7e9f0dc82cf57658bf7bffe25a3e938c6fe9a4d

Files

da0cfe026b691e2b2ad0f8d1d7e9f0dc82cf57658bf7bffe25a3e938c6fe9a4d
.exe windows:4 windows x86 arch:x86

b7c31c5023b4d58e2319a168667d2562

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
_lclose
FreeLibrary
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringA
GetShortPathNameA
LocalFree
GetDiskFreeSpaceA
WriteFile
_lwrite
_lcreat
LocalAlloc
SetFilePointer
CreateFileA
WinExec
GetWindowsDirectoryA
_lopen
_llseek
CloseHandle
GetModuleFileNameA
CreateDirectoryA
GetModuleHandleA
FindFirstFileA
CompareStringA
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
HeapReAlloc
VirtualAlloc
FlushFileBuffers
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
_lread
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
SetEnvironmentVariableA
CompareStringW
ExitProcess
TerminateProcess
GetCurrentProcess
GetLastError
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FreeEnvironmentStringsW
LCMapStringA
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
ReadFile
GetFullPathNameA
GetCurrentDirectoryA
WideCharToMultiByte
MultiByteToWideChar

user32

DispatchMessageA
TranslateMessage
GetDlgItem
IsDialogMessageA
PeekMessageA
MessageBoxA
LoadIconA
RegisterClassA
CreateWindowExA
UpdateWindow
GetMessageA
DefWindowProcA
PostQuitMessage
LoadCursorA
SetCursor
SystemParametersInfoA
ShowWindow
SetWindowTextA
DialogBoxParamA
EndDialog
SetDlgItemTextA
GetWindowRect
GetSystemMetrics
MoveWindow
PostMessageA
SetFocus

gdi32

GetStockObject

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteExA

winmm

mciSendCommandA

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7c31c5023b4d58e2319a168667d2562

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

winmm

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 52KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 52KB

.rsrc
Size: 4KB - Virtual size: 2KB