88e42e4a6271d4e014c78db76ec1586e878c0b4ab590f305a96e76aad6a3d6d0

Sharing

Copy URL Twitter E-mail

General

Target

88e42e4a6271d4e014c78db76ec1586e878c0b4ab590f305a96e76aad6a3d6d0
Size

203KB
MD5

0c9bf3cbc4af4ea6782d5a0b79407089
SHA1

78faa983f335254197c15c59fe452bb4aa54827e
SHA256

88e42e4a6271d4e014c78db76ec1586e878c0b4ab590f305a96e76aad6a3d6d0
SHA512

470ca1a21392433fcaf65e807be805e117bd6bdeef95f2c265841db30318a226009dbf61f57cc4a48d070c26c9fe69f0db391ec43ccb73965c0423c089e98898
SSDEEP

3072:31g2ZB+GEhO118/bPyKxM4QTJt2cWGsNPKisJoyjK7yGAe9Q0enyU8GZqaP+wPml:dhYzxMlNNsAisDRGAL0eyUBnPrPO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88e42e4a6271d4e014c78db76ec1586e878c0b4ab590f305a96e76aad6a3d6d0

Files

88e42e4a6271d4e014c78db76ec1586e878c0b4ab590f305a96e76aad6a3d6d0
.exe windows:4 windows x86 arch:x86

3b42f9693bdd770281b738cfac146ecf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
lstrcpynW
GetModuleFileNameA
GetFileType
GetEnvironmentStringsA
GetProcAddress
BeginUpdateResourceW
GetCurrentThreadId
CreateMailslotW
AddAtomA
lstrlen
GetEnvironmentStringsW
GetExpandedNameA
WinExec
GetCurrentProcessId
GetThreadPriority
FindAtomA
OpenWaitableTimerW
GetModuleHandleA
GetLocaleInfoA
GetDateFormatA
GetShortPathNameW

user32

GetParent
CreateWindowExA
SetDlgItemTextW
DestroyIcon
GetDlgItemInt
IsWindow
IsMenu
PostMessageA
SetWindowLongW
GetWindowTextW
CallWindowProcW
GetCapture
GetSubMenu
InvalidateRect
DestroyWindow
GetDlgItem
WinHelpA
GetSystemMetrics
SetCursorPos
CreateCaret
CascadeWindows
EnumDesktopsA
GetDCEx
EndDialog
CreatePopupMenu
GetMessageA
GetCursorPos
CreateAcceleratorTableW
GetTopWindow
SetWindowRgn
SendMessageA

gdi32

ColorMatchToTarget
CreateCompatibleDC
Pie
CopyMetaFileW
ExtTextOutW
GetTextColor
SetColorAdjustment
CreatePatternBrush
SetMetaRgn
ExtFloodFill
GetEnhMetaFileDescriptionA
SetTextColor
ExtSelectClipRgn
AddFontResourceW
EndDoc
GetTextFaceW
GetCharacterPlacementA
GetMetaFileA

advapi32

RegOpenKeyW
RegFlushKey
RegOpenKeyA

shlwapi

GetMenuPosFromID
PathUnmakeSystemFolderA
UrlIsNoHistoryW
PathIsURLA
SHCreateShellPalette
PathRemoveArgsW
SHCopyKeyW
SHRegOpenUSKeyA
PathSearchAndQualifyW

Sections

.eX
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ah
Size: 2KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wc
Size: 512B - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cKgaFt
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JbcCcw
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b42f9693bdd770281b738cfac146ecf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

Sections

.eX Size: 12KB - Virtual size: 11KB

.ah Size: 2KB - Virtual size: 31KB

.wc Size: 512B - Virtual size: 402KB

.cKgaFt Size: 8KB - Virtual size: 8KB

.JbcCcw Size: 5KB - Virtual size: 11KB

.rsrc Size: 172KB - Virtual size: 171KB

.reloc Size: 1024B - Virtual size: 928B

.eX
Size: 12KB - Virtual size: 11KB

.ah
Size: 2KB - Virtual size: 31KB

.wc
Size: 512B - Virtual size: 402KB

.cKgaFt
Size: 8KB - Virtual size: 8KB

.JbcCcw
Size: 5KB - Virtual size: 11KB

.rsrc
Size: 172KB - Virtual size: 171KB

.reloc
Size: 1024B - Virtual size: 928B