37b9774fc18db2ace0157a07d4b62b29876e58c80244425db45028dea011a5cc

Sharing

Copy URL Twitter E-mail

General

Target

37b9774fc18db2ace0157a07d4b62b29876e58c80244425db45028dea011a5cc
Size

211KB
MD5

f94d78a4a9772919a67acaedc776e6ac
SHA1

0c51de2d45d87b6445681f56ff2a82ba3727cd6a
SHA256

37b9774fc18db2ace0157a07d4b62b29876e58c80244425db45028dea011a5cc
SHA512

99087a461c455e23b1f3dce5201104d84a4b04a8cb2580d5bd39e5dfe4ce9e97ff1d781488a02a84d2c47a20c4c0f65a71cef0494fba46fa40392fd3d4637769
SSDEEP

6144:3mKVGe1XIpQiU/ma3MB8hH2Tkp6bYnWcZVol0N5TzQ3:n71YpQiU/RcO1VQInVob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37b9774fc18db2ace0157a07d4b62b29876e58c80244425db45028dea011a5cc

Files

37b9774fc18db2ace0157a07d4b62b29876e58c80244425db45028dea011a5cc
.exe windows:4 windows x86 arch:x86

088303a3216315a2ba8d66c94c7b80a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
SetComputerNameA
GlobalFindAtomW
Beep
IsBadReadPtr
BeginUpdateResourceW
WaitForSingleObject
lstrcpyA
GetLogicalDrives
GetProcAddress
SetCurrentDirectoryW
FindResourceW
FileTimeToLocalFileTime
GetFileTime
GetThreadLocale
MulDiv
EnumTimeFormatsW
ExpandEnvironmentStringsA
CreateNamedPipeA
GetVolumeInformationA
GetSystemTime
GetLastError
GetProcessHeap
GetWindowsDirectoryW
GetStartupInfoW
GetSystemInfo
ExitProcess
GetTempFileNameA
GetVolumeInformationW
CreateSemaphoreA
SetCalendarInfoW
lstrcmpA
lstrcmpiA
CreateFileA
GetUserDefaultLangID
GlobalAlloc
GetModuleHandleA
GetDateFormatW
SleepEx

user32

wvsprintfW
GetDesktopWindow
CopyImage
GetMenuInfo
LoadMenuW
SetWindowRgn
MessageBoxIndirectW
PostMessageA
GetActiveWindow
GetWindowRect
SetWindowPos
MonitorFromPoint
CreateDialogParamA
SetDlgItemInt
WinHelpA
GetSystemMetrics
GetDC
SetWindowLongA
GetSysColorBrush
InsertMenuA
DrawTextA
EnumDesktopWindows
InsertMenuItemW
GetWindowRgn
LoadMenuA
OpenClipboard
IsChild
EnableMenuItem
LoadMenuIndirectW
ShowCaret
SetCursorPos
MessageBeep
EnumWindows
GetClientRect
CreateDialogParamW
InsertMenuW

gdi32

CreateFontIndirectA
ResizePalette
PolyBezier
SaveDC
ScaleWindowExtEx
CloseEnhMetaFile
SetBoundsRect
SetViewportExtEx

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegRestoreKeyW

comdlg32

GetOpenFileNameW
ChooseFontA
GetFileTitleW
PrintDlgExW
PrintDlgW

setupapi

SetupDiSetDeviceInstallParamsA
SetupGetLineTextA
SetupQueueCopyW
SetupDiEnumDeviceInfo
pSetupVerifyCatalogFile
CM_Get_Device_Interface_List_SizeA

version

VerInstallFileA
VerLanguageNameW
VerFindFileA

urlmon

RegisterMediaTypes
GetClassURL

winmm

waveOutGetPlaybackRate
timeKillEvent

winspool.drv

GetFormA

inetcomm

HrAttachDataFromFile
MimeGetAddressFormatW
MimeOleGetCodePageInfo
MimeOleStripHeaders
HrGetLastOpenFileDirectoryW
MimeOleCreateSecurity

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lm
Size: 1024B - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qaQL
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yP
Size: 3KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bPUeWG
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PaB
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dOh
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HvNW
Size: 1024B - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pPJb
Size: 512B - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bBut
Size: 512B - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

088303a3216315a2ba8d66c94c7b80a0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comdlg32

setupapi

version

urlmon

winmm

winspool.drv

inetcomm

Sections

.text Size: 11KB - Virtual size: 11KB

.lm Size: 1024B - Virtual size: 35KB

.qaQL Size: 2KB - Virtual size: 5KB

.yP Size: 3KB - Virtual size: 40KB

.bPUeWG Size: 2KB - Virtual size: 20KB

.PaB Size: 1024B - Virtual size: 5KB

.data Size: 14KB - Virtual size: 14KB

.dOh Size: 1KB - Virtual size: 6KB

.HvNW Size: 1024B - Virtual size: 43KB

.pPJb Size: 512B - Virtual size: 30KB

.bBut Size: 512B - Virtual size: 207KB

.rsrc Size: 170KB - Virtual size: 169KB

.reloc Size: 1024B - Virtual size: 954B

.text
Size: 11KB - Virtual size: 11KB

.lm
Size: 1024B - Virtual size: 35KB

.qaQL
Size: 2KB - Virtual size: 5KB

.yP
Size: 3KB - Virtual size: 40KB

.bPUeWG
Size: 2KB - Virtual size: 20KB

.PaB
Size: 1024B - Virtual size: 5KB

.data
Size: 14KB - Virtual size: 14KB

.dOh
Size: 1KB - Virtual size: 6KB

.HvNW
Size: 1024B - Virtual size: 43KB

.pPJb
Size: 512B - Virtual size: 30KB

.bBut
Size: 512B - Virtual size: 207KB

.rsrc
Size: 170KB - Virtual size: 169KB

.reloc
Size: 1024B - Virtual size: 954B