11ca7a96499fe12ee8f37a896ba43052bcd936775be2475db4c80469e298a0f6

Sharing

Copy URL

Twitter E-mail

General

Target

11ca7a96499fe12ee8f37a896ba43052bcd936775be2475db4c80469e298a0f6
Size

187KB
MD5

d733b00a9267fb7569ac2b14e206eb67
SHA1

276b638a41c807ee9a8d93b67f5599fb1bc30fff
SHA256

11ca7a96499fe12ee8f37a896ba43052bcd936775be2475db4c80469e298a0f6
SHA512

f407f7cdadc1889b6d55d021f3426bb80625de13c569c9df1753bea1b284b48e6833b1120e8596a4fd61800110a73269aed8ad3440506d248d957305983cc608
SSDEEP

3072:VUHqpj+iHwsE3+64QSuedh+wyYE8pCaHSJaDf+HyUaP/wooi:iZsE3+SSuYxN4gD+SX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11ca7a96499fe12ee8f37a896ba43052bcd936775be2475db4c80469e298a0f6

Files

11ca7a96499fe12ee8f37a896ba43052bcd936775be2475db4c80469e298a0f6
.exe windows:4 windows x86 arch:x86

3175b7144e464e0d374548d2703bbf42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
GetCurrentProcessId
GetCalendarInfoW
lstrcpyW
ReadFile
GetVersion
ConvertDefaultLocale
LocalFileTimeToFileTime
LoadLibraryW
DeleteFileW
GetLocaleInfoW
SetFileTime
CreateDirectoryW
FindClose
FindFirstFileW
CreateFileW
SystemTimeToFileTime
WriteFile
EnumResourceLanguagesW
EnumResourceNamesA
WideCharToMultiByte
InterlockedDecrement
SetFilePointer
ExitProcess
RemoveDirectoryW
MultiByteToWideChar
MoveFileW
GetModuleFileNameW
GetCurrentDirectoryW
GetSystemDefaultLangID
GetFileAttributesW
GetProcAddress

ole32

CoInitialize
CoRegisterMessageFilter
CoGetClassObject
OleInitialize
OleIsCurrentClipboard
OleUninitialize
CoRetireServer
CoTaskMemAlloc
CreateILockBytesOnHGlobal
OleFlushClipboard
CLSIDFromProgID
CoFreeUnusedLibraries
CoTaskMemFree
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CoCreateInstance
CoUninitialize
StgOpenStorageOnILockBytes
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueW
RegSetValueExW
RegOpenKeyW
RegCloseKey
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW

shlwapi

PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
PathIsUNCW
PathFileExistsW
PathFindFileNameW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

GetStockObject
GetMapMode
RectVisible
ScaleWindowExtEx
PtVisible
ExtSelectClipRgn
SetViewportOrgEx
OffsetViewportOrgEx
GetDeviceCaps
TextOutW
Escape
SelectObject
GetTextColor
SetWindowExtEx
DeleteDC
ScaleViewportExtEx
GetBkColor
ExtTextOutW
GetRgnBox

user32

SendDlgItemMessageA
CopyAcceleratorTableW
RemovePropW
SetRect
RegisterWindowMessageW
WinHelpW
IsRectEmpty
GetNextDlgTabItem
InvalidateRect
CharNextW
MessageBeep
CharUpperW
CreateWindowExW
GetPropW
GetClassInfoExW
SetPropW
GetClassLongW
GetNextDlgGroupItem
InvalidateRgn
DestroyMenu

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3175b7144e464e0d374548d2703bbf42

Headers

File Characteristics

Imports

kernel32

ole32

oleacc

advapi32

shlwapi

shell32

gdi32

user32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 78KB - Virtual size: 78KB

.edata Size: 1024B - Virtual size: 68KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 78KB - Virtual size: 78KB

.edata
Size: 1024B - Virtual size: 68KB