84b7ae38bd9d34c42033e98cf39dc4f2d513b24c3f7f9b3777e2a07bfc3b58b9

Sharing

Copy URL Twitter E-mail

General

Target

84b7ae38bd9d34c42033e98cf39dc4f2d513b24c3f7f9b3777e2a07bfc3b58b9
Size

103KB
MD5

0dbc2929da83b866433ff789ad2746ae
SHA1

bd529604161159f98b06c055117ac8bf4ac89907
SHA256

84b7ae38bd9d34c42033e98cf39dc4f2d513b24c3f7f9b3777e2a07bfc3b58b9
SHA512

8e2c110b26b56e0b3c0a2abcbdc82f4179ab9e9aceabfb888995ece9b5d7e50b35a53e3b5e227f0405c341b92803a809a48728290c394a66bf6396246c4c7849
SSDEEP

3072:puI3F2KqhXL7wP9tm2PUbJhFgvBaCxZ2RRcQdFA0A8:pFq9L7wm2sbWaCxgsO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84b7ae38bd9d34c42033e98cf39dc4f2d513b24c3f7f9b3777e2a07bfc3b58b9

Files

84b7ae38bd9d34c42033e98cf39dc4f2d513b24c3f7f9b3777e2a07bfc3b58b9
.exe windows:5 windows x86 arch:x86

89694c761ac31ad9a2b9ded56ce90d47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetFocus
IsRectEmpty
GetWindowDC
GetWindowInfo

comctl32

PropertySheetA

oleaut32

SysAllocStringLen
VariantClear
SysStringLen
VariantCopyInd

shell32

ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA

kernel32

Sleep
GetLogicalDriveStringsW
lstrcmpiW
GetPrivateProfileSectionW
GetVolumeInformationW
GetEnvironmentStrings
HeapFree
ReadFile
InterlockedIncrement
GetCurrentProcess
UnhandledExceptionFilter
GetCurrentDirectoryW
LocalAlloc
GlobalFree
CreateMutexW
GetTempPathW
SetHandleContext
LoadLibraryW
MultiByteToWideChar
CreateFileW
GetWindowsDirectoryW
GetCurrentThreadId
GetPrivateProfileStringW
LocalReAlloc
DeviceIoControl
CopyFileW
CreateDirectoryW
FreeLibrary
DeleteFileW
CloseHandle
GetVersionExA
SetLastError
GetDiskFreeSpaceExW
CreateProcessW
OpenSemaphoreA
GetDateFormatW
SetCurrentDirectoryW
GetTimeFormatW
QueryPerformanceCounter
SetUnhandledExceptionFilter
IsValidLocale
GetProcAddress
ReleaseMutex
FindNextFileW
GetModuleHandleA
WriteFile
GetTickCount
lstrlenW
GetModuleFileNameW
LocalLock
LocalFree
GetDriveTypeW
ExpandEnvironmentStringsW
GetExitCodeProcess
FindClose
WideCharToMultiByte
GetPrivateProfileIntW
HeapAlloc
VirtualQuery
FindFirstFileW
TerminateProcess
RaiseException
InterlockedExchange
OpenEventW
GetStartupInfoA
lstrlenA
GetCurrentProcessId
SetFilePointer
GetFileAttributesW
GetCommandLineW
GlobalAlloc
FormatMessageW
GetProcessHeap
InterlockedDecrement
GetFullPathNameW
GetSystemDirectoryW
GetSystemTimeAsFileTime
lstrcmpW

shlwapi

PathIsNetworkPathA
PathIsRelativeW
StrCmpLogicalW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sujq
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 109KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89694c761ac31ad9a2b9ded56ce90d47

Headers

File Characteristics

Imports

user32

comctl32

oleaut32

shell32

kernel32

shlwapi

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 9KB

.sujq Size: 3KB - Virtual size: 3KB

.edata Size: 109KB - Virtual size: 127KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 9KB

.sujq
Size: 3KB - Virtual size: 3KB

.edata
Size: 109KB - Virtual size: 127KB