c84292350aeac915c3b7f60b6ccf4ce53ee1e66ecd95e6ab89854a7e25a35db6N

Sharing

Copy URL

Twitter E-mail

General

Target

c84292350aeac915c3b7f60b6ccf4ce53ee1e66ecd95e6ab89854a7e25a35db6N
Size

137KB
MD5

1ec896b37219cdfec6395914801d3f20
SHA1

e95ac90c90746ec63b00648e7a1a219a2ce78e8f
SHA256

c84292350aeac915c3b7f60b6ccf4ce53ee1e66ecd95e6ab89854a7e25a35db6
SHA512

ef39ea5c87fe51463153deba54ec55f6bb188ec366f8f3cbcd6eed5b60cad36d925e7f556efc2a23662fdf9432a6fc36860391e3118449d44ac4c490d8d190cb
SSDEEP

3072:ChtgJ1roIo18vm/wcs90xIH7dSsjS+8+ElgfOKHxyOCP9Pmtd9:SgDC7snpSl+8kyOM4td

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c84292350aeac915c3b7f60b6ccf4ce53ee1e66ecd95e6ab89854a7e25a35db6N

Files

c84292350aeac915c3b7f60b6ccf4ce53ee1e66ecd95e6ab89854a7e25a35db6N
.exe windows:6 windows x86 arch:x86

498726797b7dd202dd41a1b2d96b9559

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord29

kernel32

AddAtomW
SetFileApisToOEM
GetExitCodeThread
TlsSetValue
GetWindowsDirectoryA
FindResourceA
CancelWaitableTimer
HeapCreate
GetModuleFileNameA
UnhandledExceptionFilter
DisconnectNamedPipe
FindResourceW
OpenSemaphoreW
MoveFileExA
GetSystemInfo
SetCurrentDirectoryW
CreateFileA
GetThreadContext
GlobalSize
lstrcatA
LCMapStringW
CreateMutexW
GetBinaryTypeW
SetEndOfFile
SetCurrentDirectoryA
DeleteCriticalSection
GlobalGetAtomNameW
SetMailslotInfo
GetCommModemStatus
GetFileInformationByHandle
DeleteFileA
CreatePipe
IsValidLanguageGroup
FindClose
SetThreadPriority
MulDiv
DefineDosDeviceW
EnumResourceNamesA
TransactNamedPipe
CreateMutexA
GetLastError
GetTimeZoneInformation
TryEnterCriticalSection
TlsGetValue
DeleteFileW
SetWaitableTimer
EnterCriticalSection
SetCommTimeouts
CopyFileW
FindNextFileA
GetThreadPriority
FindFirstChangeNotificationW
LocalLock
GlobalMemoryStatus
SetFileAttributesA
GlobalHandle
WideCharToMultiByte
SearchPathA
GetTimeFormatA
SystemTimeToFileTime
GetStartupInfoA
EnumSystemLocalesA
GetOEMCP
GetPriorityClass
LeaveCriticalSection
lstrcpyW
SuspendThread
GetProcAddress
GlobalLock
CreateNamedPipeW
ConnectNamedPipe
GetModuleHandleA
CompareStringW
VirtualProtect
GetSystemTime
SetTimerQueueTimer
GetShortPathNameW
CreateFileMappingA
GetCurrentThreadId
GlobalFindAtomW
SetLastError
ReadFile
IsBadStringPtrW
CallNamedPipeW
SetFileTime
IsBadReadPtr
GetTickCount
SizeofResource
GetCompressedFileSizeW
GetModuleFileNameW
GetACP
SetThreadContext
GetUserDefaultLangID
IsBadWritePtr
TlsFree
GetSystemWindowsDirectoryA
GetShortPathNameA
SetFilePointer
GetWindowsDirectoryW
RaiseException
GetVersion

Exports

Exports

?BightDialog@@YGEUtext@@@Z
?FiveTialog@@YGEUtext@@@Z

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 549B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.netd
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vnet
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kopr
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mant
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sert
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.loba
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

498726797b7dd202dd41a1b2d96b9559

Headers

File Characteristics

Imports

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 66KB

.edata Size: 1024B - Virtual size: 549B

.netd Size: 512B - Virtual size: 28B

.vnet Size: 512B - Virtual size: 64B

.data Size: 4KB - Virtual size: 4KB

.kopr Size: 17KB - Virtual size: 17KB

.mant Size: 17KB - Virtual size: 17KB

.sert Size: 9KB - Virtual size: 8KB

.loba Size: 15KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 67KB - Virtual size: 66KB

.edata
Size: 1024B - Virtual size: 549B

.netd
Size: 512B - Virtual size: 28B

.vnet
Size: 512B - Virtual size: 64B

.data
Size: 4KB - Virtual size: 4KB

.kopr
Size: 17KB - Virtual size: 17KB

.mant
Size: 17KB - Virtual size: 17KB

.sert
Size: 9KB - Virtual size: 8KB

.loba
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB