396b28fe05be372cc406c7a0ba84459756485a94b8e6540c984500d8e3de9617

General

Target

396b28fe05be372cc406c7a0ba84459756485a94b8e6540c984500d8e3de9617
Size

72KB
MD5

5dc6a5ed69d0f5030d31cefe54df511b
SHA1

d652a827cae45003b1c745a06ddbc063a1d98644
SHA256

396b28fe05be372cc406c7a0ba84459756485a94b8e6540c984500d8e3de9617
SHA512

cef8c2e751e3556f24d78e370b20ce1a743838353864084a4546788a0f5012f844d7395abd9e05279d488fc7431b7671166f37a2e382134fc505ffee212ec2cb
SSDEEP

1536:AWZ73VrSLdyNdnzhk4BXF+5EvvXkQMpah:AkTVrSydnbBXF+5EMah

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
396b28fe05be372cc406c7a0ba84459756485a94b8e6540c984500d8e3de9617

Files

396b28fe05be372cc406c7a0ba84459756485a94b8e6540c984500d8e3de9617
.exe windows x86

660a8157cd00176de40080d76fcb319e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
DestroyWindow
DefWindowProcA
PostQuitMessage
BeginPaint
EndPaint
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyboardState
GetPropA
GetScrollPos
GetParent
GetMenuItemID
GetMenu
TranslateAcceleratorA
GetScrollRange

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
MultiByteToWideChar
HeapSize
RtlUnwind
VirtualAlloc
Sleep
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSection
GetStartupInfoA
GetProcAddress
GetCommandLineA
LoadLibraryA
CloseHandle
SleepEx
ReadFile
CreateFileA
lstrcpyA
HeapReAlloc
SetHandleCount
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent

gdi32

DeleteDC
CreateCompatibleDC

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

660a8157cd00176de40080d76fcb319e

Headers

File Characteristics

Imports

user32

kernel32

gdi32

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 13KB - Virtual size: 12KB