f665b2057b3aae44607c4a5d9ec20695c997122e7adf4d3a60bce0399f7c3481

Sharing

Copy URL

Twitter E-mail

General

Target

f665b2057b3aae44607c4a5d9ec20695c997122e7adf4d3a60bce0399f7c3481
Size

624KB
MD5

8e15eb8b9b441de311e5c5e1b0d03eaa
SHA1

c5a468e6bf3470bd5dd36fd14651aa16c02a5d70
SHA256

f665b2057b3aae44607c4a5d9ec20695c997122e7adf4d3a60bce0399f7c3481
SHA512

a681393bf927628b6cc7c3fc719c23f8277427d1726e1ee6120f9f1faa1afa5364106f3054d9b58cf6bd4833c882e86bab5257a472a10a591f1413df401273c5
SSDEEP

12288:6IWN4Y2CAdwp/zsIWN4Y2CAdwp/zsIWN4Y2CAdwp/z:65GYswp/Q5GYswp/Q5GYswp/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f665b2057b3aae44607c4a5d9ec20695c997122e7adf4d3a60bce0399f7c3481

Files

f665b2057b3aae44607c4a5d9ec20695c997122e7adf4d3a60bce0399f7c3481
.exe windows:4 windows x86 arch:x86

00f0cb2eb2cf989efbc9c98f144014af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetProcAddress
DosDateTimeToFileTime
GetLogicalDriveStringsA
CreateNamedPipeW
GetModuleHandleA
SetCalendarInfoA
MultiByteToWideChar
GetVersionExA
TlsAlloc

user32

GetClassNameA
GetMenuItemInfoW
GetTopWindow
GetDlgItem
SetDlgItemTextW
SetActiveWindow
CloseWindow
LoadMenuA
IsWindow
GetWindowRect
UnregisterClassW
DeleteMenu
RegisterClassW
CreateAcceleratorTableA
WinHelpW
CreateWindowExA
CreatePopupMenu
InsertMenuItemA
EnableWindow
CreateDialogIndirectParamW
GetForegroundWindow
SendDlgItemMessageA
CheckMenuItem
ClientToScreen
SendMessageA
wvsprintfA
GetSysColorBrush
InvalidateRgn
MessageBeep
GetScrollPos
InvalidateRect
DefDlgProcA
ActivateKeyboardLayout
TrackPopupMenuEx
GetDCEx
CallWindowProcA
SetWindowRgn

gdi32

CreateEnhMetaFileA
ResetDCA
GetCharWidthW
CreateEnhMetaFileW
GetLayout
PolylineTo
GetColorSpace
GetTextExtentExPointW

advapi32

RegDeleteKeyA
RegOpenKeyW
RegDeleteValueA
RegCreateKeyExW
RegOpenKeyW
RegReplaceKeyA

shlwapi

PathRemoveBackslashA
DllGetVersion
PathBuildRootA
SHDeleteValueW
StrStrNW
PathCommonPrefixW
SHRegSetUSValueW
PathRemoveBlanksA
StrRChrIA
SHCreateStreamOnFileEx
UrlGetLocationA

comdlg32

GetSaveFileNameA
LoadAlterBitmap
ChooseFontA
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW

oleaut32

VarI4FromUI1
VarBstrFromR8
VarUI1FromR8
VarUI1FromStr
VarDateFromDisp
VarIdiv
VectorFromBstr

Sections

.FrbNhz
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.oMkBIA
Size: 3KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YsUsFU
Size: 2KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kJecJt
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bl
Size: 5KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00f0cb2eb2cf989efbc9c98f144014af

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comdlg32

oleaut32

Sections

.FrbNhz Size: 11KB - Virtual size: 10KB

.oMkBIA Size: 3KB - Virtual size: 26KB

.YsUsFU Size: 2KB - Virtual size: 51KB

.kJecJt Size: 13KB - Virtual size: 12KB

.bl Size: 5KB - Virtual size: 296KB

.rsrc Size: 171KB - Virtual size: 170KB

.reloc Size: 1024B - Virtual size: 964B

.FrbNhz
Size: 11KB - Virtual size: 10KB

.oMkBIA
Size: 3KB - Virtual size: 26KB

.YsUsFU
Size: 2KB - Virtual size: 51KB

.kJecJt
Size: 13KB - Virtual size: 12KB

.bl
Size: 5KB - Virtual size: 296KB

.rsrc
Size: 171KB - Virtual size: 170KB

.reloc
Size: 1024B - Virtual size: 964B