be72c0b8f6d9a0815252355655eebf1082ff48313ec4ff4b15aa09c3e5384da3N

Sharing

Copy URL Twitter E-mail

General

Target

be72c0b8f6d9a0815252355655eebf1082ff48313ec4ff4b15aa09c3e5384da3N
Size

130KB
MD5

e22db7deed17485992a2f18ddca95190
SHA1

2831dfc10980da3af7a3e070f3acdfcc72f9d42a
SHA256

be72c0b8f6d9a0815252355655eebf1082ff48313ec4ff4b15aa09c3e5384da3
SHA512

15abc63038512fa1a54125e08614d744fe3382b9e53f9ac9da5eecf4f6e51e9e6b640ad0d260918150e9d32f4b4d666eb99203828317bed801397850bab00d75
SSDEEP

3072:GYMYxmD5zxB2wJPNrwjWeqp399gCmAQ2wjZ/p:bIP8wJFrwnqpzPmAQ2wFh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be72c0b8f6d9a0815252355655eebf1082ff48313ec4ff4b15aa09c3e5384da3N

Files

be72c0b8f6d9a0815252355655eebf1082ff48313ec4ff4b15aa09c3e5384da3N
.exe windows:4 windows x86 arch:x86

26b89cb93a1d5e01816b204a92df71f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
VirtualQuery
GetModuleHandleA
WaitForSingleObject
VirtualAllocEx
LocalAlloc
InitializeCriticalSection
GetFileSize
WideCharToMultiByte
GetCPInfo
HeapFree
WriteFile
GlobalAddAtomA
GetDiskFreeSpaceA
LoadLibraryA
GetCommandLineW
ExitProcess
CompareStringA
GetACP
CloseHandle
GetEnvironmentStrings
SetEndOfFile

user32

DispatchMessageW
GetSysColorBrush
RedrawWindow
ShowScrollBar
EnumThreadWindows
GetKeyboardState
GetSysColor
GetKeyboardLayoutList
GetParent
GetIconInfo
GetKeyState
SetWindowLongW
LoadKeyboardLayoutA
GetLastActivePopup
IsCharLowerA
IntersectRect
IsWindowVisible
DefFrameProcA
PostQuitMessage
WaitMessage
DrawEdge
SetWindowPlacement
EnumChildWindows
InvalidateRect
GetMessagePos
ScreenToClient
GetMenu
OpenIcon
IsDialogMessageW
GetClipboardData
CharUpperBuffA
GetWindowLongW
DispatchMessageA
ReleaseDC
EnumWindows
CreatePopupMenu
DefWindowProcA
IsDlgButtonChecked
OpenClipboard
FillRect
DrawFrameControl
SetCursor
RemovePropA
IsChild
ReleaseCapture
UnhookWindowsHookEx
ShowWindow
GetKeyboardLayoutNameA
OemToCharA
PeekMessageW
GetSystemMetrics
GetKeyNameTextA
GetKeyboardLayout
UpdateWindow
LoadBitmapA
IsWindowUnicode
EmptyClipboard
GetWindowTextLengthA
DrawAnimatedRects
CreateIcon
ShowOwnedPopups
ClientToScreen
ActivateKeyboardLayout

ole32

CLSIDFromString
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoCreateGuid
MkParseDisplayName
PropVariantClear
CoGetObjectContext
CoRegisterClassObject
CoGetMalloc
CoTaskMemFree

Exports

Exports

WJXCHa

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 99KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26b89cb93a1d5e01816b204a92df71f2

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 11KB

.bss Size: 99KB - Virtual size: 222KB

.idata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 72B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 11KB

.bss
Size: 99KB - Virtual size: 222KB

.idata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 72B

.rsrc
Size: 4KB - Virtual size: 3KB