029046309b16b9d51bbc45e379f5a9e3fda17bafa4484da7856ad23782e806fbN

Sharing

Copy URL

Twitter E-mail

General

Target

029046309b16b9d51bbc45e379f5a9e3fda17bafa4484da7856ad23782e806fbN
Size

304KB
MD5

b5c30d0e415861f40c00cb4a79e7a280
SHA1

60354e80dc2e3b541f791a6f4610b80ebd82eae8
SHA256

029046309b16b9d51bbc45e379f5a9e3fda17bafa4484da7856ad23782e806fb
SHA512

8c0bd617cfd8e9fc215bb5b26a1d0f2239aa3d022e240a4d713a9e9c0ece6156ae9cd64b79b297737377d150125af098d8b231c7db9de1b181b2f99da54c9077
SSDEEP

3072:olj9/PP57UJyuhpdDoH5ezT89zCsHoSoGCH:oBPIJy15ezT89zhP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
029046309b16b9d51bbc45e379f5a9e3fda17bafa4484da7856ad23782e806fbN

Files

029046309b16b9d51bbc45e379f5a9e3fda17bafa4484da7856ad23782e806fbN
.exe windows:4 windows x86 arch:x86

3dde60a96c846839192f0864e54d3a04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
CreateDirectoryA
DeleteFileA
MoveFileA
GetVersionExA
GetModuleFileNameA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
WriteFile
CreateMutexA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
CreateFileA
SetStdHandle
FlushFileBuffers
GetProcAddress
LoadLibraryA
SetEndOfFile
CloseHandle
ReleaseMutex
DeleteCriticalSection
InitializeCriticalSection
ReadFile
GetLastError

user32

SetWindowTextA
SetFocus
GetDlgItem
EndDialog
CheckRadioButton
MessageBoxA
DialogBoxParamA
IsDlgButtonChecked

shell32

SHGetSpecialFolderPathA
ShellExecuteExA

comctl32

ord17

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�~��u
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3dde60a96c846839192f0864e54d3a04

Headers

File Characteristics

Imports

kernel32

user32

shell32

comctl32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 22KB

.data1 Size: 4KB - Virtual size: 1KB

.rsrc Size: 216KB - Virtual size: 214KB

�~���u Size: 20KB - Virtual size: 20KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 22KB

.data1
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 216KB - Virtual size: 214KB

�~��u
Size: 20KB - Virtual size: 20KB