c130466a1f313ee3fa2b657eaf5d2ec61ea37c05ebe891327f295e69e0037d17N

Sharing

Copy URL

Twitter E-mail

General

Target

c130466a1f313ee3fa2b657eaf5d2ec61ea37c05ebe891327f295e69e0037d17N
Size

102KB
MD5

779364d148f25b6625d6d7ede9fb4eb0
SHA1

226999d512d34db48123171aab80c276a4247921
SHA256

c130466a1f313ee3fa2b657eaf5d2ec61ea37c05ebe891327f295e69e0037d17
SHA512

51f0a9faaac0aa5ec8aa215c037b255e1bfd462cbea62d79265db04c6fb00e4d96ff9a694c86426a222264006a4e6a9508e09c9f486cc0d1137a6451b2415b15
SSDEEP

1536:8aY/En7Ri7DM3ZUYru4hwRO/M4G+MAttLrrHOGJXyYwkSQGv0p9bWAY:8aY0ibMx5LrxJCY0v0pMA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c130466a1f313ee3fa2b657eaf5d2ec61ea37c05ebe891327f295e69e0037d17N

Files

c130466a1f313ee3fa2b657eaf5d2ec61ea37c05ebe891327f295e69e0037d17N
.exe windows:5 windows x86 arch:x86

33fa2fabf6b0ecf5ba469ad0a144d196

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
OutputDebugStringW
WideCharToMultiByte
GlobalAlloc
GetCurrentThread
IsBadReadPtr
GetLastError
lstrlenW
GetSystemTimeAsFileTime
QueryPerformanceCounter
DeleteCriticalSection
LocalFree
lstrcpyW
GlobalUnlock
InterlockedDecrement
GetStartupInfoA
GetProcAddress
SetUnhandledExceptionFilter
GetModuleFileNameW
FormatMessageW
lstrcmpiW
GetSystemWindowsDirectoryW
GlobalLock
LoadLibraryW
InterlockedIncrement
GetSystemDefaultLangID
GetComputerNameW
GlobalFree
GetTickCount
FileTimeToSystemTime
InitializeCriticalSection
CreateFileW
OutputDebugStringA
GetModuleHandleA
FileTimeToLocalFileTime
LocalReAlloc
GetCPInfo
GetDateFormatW
SetLastError
GetCurrentProcess
CloseHandle

msvcrt

_onexit
memmove
mbstowcs
wcstoul
_except_handler3
free
wcsrchr
wcslen
_initterm
_adjust_fdiv
_wcsupr
__dllonexit
wcscmp
malloc
wcscat
wcschr
vswprintf
wcsstr
__RTDynamicCast
wcscpy
??3@YAXPAX@Z
??2@YAPAXI@Z
_wcsicmp
?terminate@@YAXXZ
??1type_info@@UAE@XZ

user32

SetFocus
DialogBoxParamW
RegisterClipboardFormatW
PostMessageW
SetWindowTextW
SetCursor
WinHelpW
LoadCursorW
SetWindowLongW
InsertMenuItemW
GetDlgItemTextA
ReleaseDC
MessageBoxW
EndDialog
LoadBitmapW
GetWindowLongW
GetDlgItem
SetDlgItemTextW
SystemParametersInfoW
SendDlgItemMessageW
SendMessageW
LoadIconW
wsprintfW
GetDC
LoadStringW
EnableWindow
LoadImageW
GetParent

comctl32

CreatePropertySheetPageW
PropertySheetW

certcli

CAFreeCAProperty
CACertTypeGetSecurity
CASetCertTypeFlags
CASetCertTypeKeySpec
CAGetCertTypeKeySpec
CAGetCertTypeFlags
CAFreeCertTypeProperty
CAGetCertTypePropertyEx
CAFindByName
CAGetCertTypeExtensions
CASetCertTypeProperty
CAUpdateCertType
CAEnumNextCertType
CAGetCAProperty
CAGetCertTypeProperty
CAEnumCertTypes
CACreateCertType
CARemoveCACertificateType
CAFindCertTypeByName
CASetCertTypeExtension
CACloseCA
CACloseCertType
CACertTypeSetSecurity
CAFreeCertTypeExtensions
CAEnumCertTypesForCA
CAUpdateCA
CAAddCACertificateType

advapi32

RegEnumKeyExW
RegDeleteValueW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33fa2fabf6b0ecf5ba469ad0a144d196

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

comctl32

certcli

advapi32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 87KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 87KB

.rsrc
Size: 25KB - Virtual size: 25KB