b0511c11638a9773b8a383b689b73c1a46f693fbcba11e2265a7acf56de8fe81N

Sharing

Copy URL Twitter E-mail

General

Target

b0511c11638a9773b8a383b689b73c1a46f693fbcba11e2265a7acf56de8fe81N
Size

132KB
MD5

e5ca53f1b5d5cb581181839c37ae2270
SHA1

bb158737cbc90df66cb4adada85b9c91ae510359
SHA256

b0511c11638a9773b8a383b689b73c1a46f693fbcba11e2265a7acf56de8fe81
SHA512

4cd6f4172780bd393dd68cfa040449fc24a733a9806fa298dd93382d09057ab413ad86897668061bbe4c8b49f77f79ce47da26eb5fe48dcce4268e1974b583d7
SSDEEP

3072:VlqBRxlpL+/JBuoHA1ZyQ/H6Oaodd/LHMrtXLUzj4y6:8bL+xBnuyYaob/sLQ4T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0511c11638a9773b8a383b689b73c1a46f693fbcba11e2265a7acf56de8fe81N

Files

b0511c11638a9773b8a383b689b73c1a46f693fbcba11e2265a7acf56de8fe81N
.exe windows:4 windows x86 arch:x86

ab95dc29499d5b17e46877118115e8ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

exit
_acmdln
__set_app_type
__p__commode
__p__fmode
_read
_controlfp
_amsg_exit
_except_handler3
_adjust_fdiv
__getmainargs
fprintf
log10
_lock
__setusermatherr
_XcptFilter
_initterm
_mbscmp

kernel32

MulDiv
GetModuleHandleA
GetDriveTypeA
GetSystemInfo
SetUnhandledExceptionFilter
VirtualProtect
GetFileTime
lstrcpynA
RemoveDirectoryA
lstrlenA
GetStartupInfoA
lstrcpyA

gdi32

SetWinMetaFileBits
GetMapMode
SetEnhMetaFileBits
OffsetWindowOrgEx
RealizePalette
CopyEnhMetaFileA
CreateCompatibleDC
ExtFloodFill
DeleteDC
BitBlt
RoundRect
OffsetRgn

version

GetFileVersionInfoA
VerInstallFileA
VerLanguageNameA
GetFileVersionInfoW
VerQueryValueW
VerFindFileW

oleaut32

SafeArrayCreate
SysStringLen
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex

comctl32

ImageList_DragShowNolock
ImageList_Draw
ImageList_DragLeave
ImageList_Replace
ImageList_BeginDrag
ImageList_LoadImageW
ImageList_Read
PropertySheetA
ImageList_LoadImageA
ImageList_Write

advapi32

RegOpenKeyA
CryptCreateHash
CryptHashData
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueW
InitializeSecurityDescriptor
OpenThreadToken
RegCreateKeyExA
SetSecurityDescriptorGroup
RegOpenKeyW
AdjustTokenPrivileges
RegQueryValueA

shell32

SHGetSpecialFolderPathW
DragAcceptFiles
ShellExecuteW
DragQueryFileW
ExtractIconA
ShellExecuteEx
SHChangeNotify
SHGetFolderPathW
ExtractAssociatedIconW
ExtractIconExA

ole32

CoInitializeSecurity
CoGetClassObject
CoGetInterfaceAndReleaseStream
CreateILockBytesOnHGlobal
IsAccelerator
CoGetMalloc
OleRun
StgOpenStorage
CoDisconnectObject
StringFromCLSID
CoFreeUnusedLibraries

user32

GetWindowRect
GetDlgItem
CreateMenu
SetPropA
SystemParametersInfoA

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab95dc29499d5b17e46877118115e8ca

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

version

oleaut32

comctl32

advapi32

shell32

ole32

user32

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 16KB - Virtual size: 41KB

.rsrc Size: 96KB - Virtual size: 96KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 16KB - Virtual size: 41KB

.rsrc
Size: 96KB - Virtual size: 96KB