dae42d5dc075ea6da00db10205557ef9dc426961627c0b9573876e5fbd7099a6N

Sharing

Copy URL Twitter E-mail

General

Target

dae42d5dc075ea6da00db10205557ef9dc426961627c0b9573876e5fbd7099a6N
Size

137KB
MD5

18e993371cf2a89e3aea3a1527534fe0
SHA1

f0682944bf2e00e0b542ec0d36b69beccc27a3c9
SHA256

dae42d5dc075ea6da00db10205557ef9dc426961627c0b9573876e5fbd7099a6
SHA512

62f2971c4d6bc14ed044f5d8d233e0abf038c62cef6c7388bbacc1e395ea271106acbff4887e34f1d40d145d971de0126c07cc58417c8ccd53b44a37b82b59be
SSDEEP

3072:/fWUrMXWvI2Ai1yCKY2uZzbF8dIcjMapj43tQ/e:/fkWQ25MjaZzx8dJfj43t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dae42d5dc075ea6da00db10205557ef9dc426961627c0b9573876e5fbd7099a6N

Files

dae42d5dc075ea6da00db10205557ef9dc426961627c0b9573876e5fbd7099a6N
.exe windows:6 windows x86 arch:x86

73a504913634c43d4cebd397b2658b7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord29

kernel32

AddAtomW
SetFileApisToOEM
GetExitCodeThread
TlsSetValue
GetWindowsDirectoryA
FindResourceA
CancelWaitableTimer
HeapCreate
GetPrivateProfileIntW
UnhandledExceptionFilter
DisconnectNamedPipe
FindResourceW
OpenSemaphoreW
MoveFileExA
GetSystemInfo
SetCurrentDirectoryW
CreateFileA
GetThreadContext
GlobalSize
lstrcatA
LCMapStringW
CreateMutexW
GetBinaryTypeW
SetEndOfFile
SetCurrentDirectoryA
DeleteCriticalSection
GlobalGetAtomNameW
SetMailslotInfo
GetCommModemStatus
GetFileInformationByHandle
DeleteFileA
CreatePipe
IsValidLanguageGroup
FindClose
SetThreadPriority
MulDiv
DefineDosDeviceW
EnumResourceNamesA
TransactNamedPipe
CreateMutexA
GetLastError
GetTimeZoneInformation
TryEnterCriticalSection
TlsGetValue
DeleteFileW
SetWaitableTimer
EnterCriticalSection
SetCommTimeouts
CopyFileW
FindNextFileA
GetThreadPriority
FindFirstChangeNotificationW
LocalLock
GlobalMemoryStatus
SetFileAttributesA
GlobalHandle
WideCharToMultiByte
SearchPathA
GetTimeFormatA
SystemTimeToFileTime
GetStartupInfoA
EnumSystemLocalesA
GetOEMCP
GetPriorityClass
LeaveCriticalSection
lstrcpyW
SuspendThread
GetProcAddress
GlobalLock
CreateNamedPipeW
ConnectNamedPipe
GetModuleHandleA
CompareStringW
VirtualProtect
GetSystemTime
SetTimerQueueTimer
GetShortPathNameW
CreateFileMappingA
GetCurrentThreadId
GlobalFindAtomW
SetLastError
ReadFile
IsBadStringPtrW
CallNamedPipeW
SetFileTime
IsBadReadPtr
GetTickCount
SizeofResource
GetCompressedFileSizeW
GetModuleFileNameW
GetACP
SetThreadContext
GetUserDefaultLangID
IsBadWritePtr
TlsFree
GetSystemWindowsDirectoryA
GetShortPathNameA
SetFilePointer
GetWindowsDirectoryW
RaiseException
GetVersion

Exports

Exports

?BightDialog@@YGEUtext@@@Z
?FiveTialog@@YGEUtext@@@Z

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.netd
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vnet
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kopr
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mant
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sert
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.loba
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73a504913634c43d4cebd397b2658b7d

Headers

File Characteristics

Imports

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 66KB

.edata Size: 512B - Virtual size: 133B

.netd Size: 512B - Virtual size: 28B

.vnet Size: 512B - Virtual size: 64B

.data Size: 4KB - Virtual size: 4KB

.kopr Size: 17KB - Virtual size: 17KB

.mant Size: 17KB - Virtual size: 17KB

.sert Size: 9KB - Virtual size: 8KB

.loba Size: 15KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 67KB - Virtual size: 66KB

.edata
Size: 512B - Virtual size: 133B

.netd
Size: 512B - Virtual size: 28B

.vnet
Size: 512B - Virtual size: 64B

.data
Size: 4KB - Virtual size: 4KB

.kopr
Size: 17KB - Virtual size: 17KB

.mant
Size: 17KB - Virtual size: 17KB

.sert
Size: 9KB - Virtual size: 8KB

.loba
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB