d5272a72b95bc41b308c7c209c96a99a7a885da70fff45d73c57d395bcd46ab5N

Sharing

Copy URL Twitter E-mail

General

Target

d5272a72b95bc41b308c7c209c96a99a7a885da70fff45d73c57d395bcd46ab5N
Size

133KB
MD5

f76db4dd09fcec45d4cb57efcaddab20
SHA1

86768f402758e7a4dfd6a7d5a52a8a1113f2fd3a
SHA256

d5272a72b95bc41b308c7c209c96a99a7a885da70fff45d73c57d395bcd46ab5
SHA512

55ef16f76730eb70b3effd98e94c44e99153d5eafcdbf092aae74ea790c6ee48e8819294d21153cffc7818a0b86c60ce657df45fa90f7f65062507e9fdc12297
SSDEEP

3072:1HI2FWMx9v4YH7MZVOS+myCDzqD2CMZYRjoVoj:l/FW5ZWmflCAEK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5272a72b95bc41b308c7c209c96a99a7a885da70fff45d73c57d395bcd46ab5N

Files

d5272a72b95bc41b308c7c209c96a99a7a885da70fff45d73c57d395bcd46ab5N
.exe windows:4 windows x86 arch:x86

8f6a9a7133b6eea06b04b290f9d2c241

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
MoveFileExA
GetDateFormatA
FreeResource
SizeofResource
LoadResource
DeviceIoControl
WaitForSingleObject
GetCurrentProcess
GetTempPathW
LoadLibraryW
GetLocalTime
MoveFileW
FindNextFileW
FindFirstFileW
TlsGetValue
TlsAlloc
GetModuleHandleA
GetCurrentThreadId
GetCommandLineA
WriteConsoleW
GetSystemTime
CloseHandle
QueryPerformanceCounter
GetVolumeInformationA
GetLastError
GetTickCount
Sleep
DeleteFileW
CreateProcessW
RemoveDirectoryW

user32

IsDialogMessageW
GetIconInfo
CheckDlgButton
CallNextHookEx
SendMessageA
SetWindowTextA
FillRect
GetActiveWindow
CreatePopupMenu
GetSysColorBrush
DrawFrameControl
PostMessageW
SetWindowsHookExA
GetMessageA
DrawIcon
LoadIconW
SetCapture
LoadImageA
MapDialogRect
SetDlgItemInt
ClientToScreen
FrameRect
GetScrollRange
GetDlgItemInt
AppendMenuA

gdi32

OffsetViewportOrgEx
CreateCompatibleBitmap
StretchBlt
SetPixel
GetTextExtentPoint32A
PatBlt
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx

msvcr71

__getmainargs
_amsg_exit
__p___initenv
_cexit
_controlfp
_XcptFilter
_exit
_c_exit
exit
wcslen
atoi
strchr
memmove
strncmp
time
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_onexit
__dllonexit

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f6a9a7133b6eea06b04b290f9d2c241

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcr71

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 48KB - Virtual size: 74KB

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 48KB - Virtual size: 74KB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 3KB - Virtual size: 2KB