PEview-0[.]9[.]9[.]0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

PEview-0.9.9.0.exe
Size

66KB
MD5

ec63e8be0717bd92c0ffbf7a21749a54
SHA1

285d712e45d0e20cbd3451f2fa28d922dd248efb
SHA256

ae40e285e70633f33d77ab3be3dd32a03dd272b3a4298e4fff5de5a3a598d831
SHA512

2fb2d5319655efdbe98525979d9a71d936ac0a726a922319ee9ba9430fe7431731aceea2c5afa74f3b20895def12088563d26c9123a41936a303452b0f94bde4
SSDEEP

1536:j1G+oinWc8W6+DiLoXRxET/t756jDslnY8fURUIjc0dK6yP7zc7XrB:jpoinzKNgD5R1yDKrB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PEview-0.9.9.0.exe

Files

PEview-0.9.9.0.exe
.exe windows x86

a710f1a3c7d5cfaf980248eaae536ca2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegQueryInfoKeyA

kernel32

ExitProcess
GetModuleHandleA
GetCommandLineA
GetCurrentDirectoryA
SetCurrentDirectoryA
SearchPathA
CreateFileA
CreateFileMappingA
MapViewOfFile
GetFileSize
UnmapViewOfFile
CloseHandle
GetLastError
FormatMessageA
RtlUnwind
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
VirtualAlloc
VirtualFree
WideCharToMultiByte

user32

TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetMessageA
DefWindowProcA
LoadImageA
RegisterClassExA
CreateWindowExA
DialogBoxParamA
SetWindowPlacement
UpdateWindow
LoadAcceleratorsA
GetMenu
SetMenuItemInfoA
SendMessageA
SetFocus
GetSystemMetrics
SystemParametersInfoA
GetSysColor
DestroyWindow
PostQuitMessage
ClientToScreen
GetWindowRect
GetWindowPlacement
GetClientRect
SetWindowPos
SetCursorPos
SetCursor
SetCapture
ClipCursor
GetDC
DrawFocusRect
ReleaseCapture
ReleaseDC
GetCursorPos
FillRect
InvalidateRect
SetWindowTextA
PostMessageA
SetForegroundWindow
MessageBoxA
ShowWindow
RedrawWindow
GetDlgItem
EndDialog
MapDialogRect
SetTimer
KillTimer
GetWindowLongA
SetWindowLongA
SetScrollInfo
GetScrollInfo
ScrollDC
BeginPaint
EndPaint

gdi32

SelectObject
DeleteObject
CreateCompatibleDC
BitBlt
DeleteDC
SetBkMode
SetTextColor
CreatePen
CreateFontIndirectA
GetCharacterPlacementA
ExtTextOutA
MoveToEx
LineTo

comdlg32

GetOpenFileNameA
ChooseFontA

comctl32

InitCommonControlsEx
MenuHelp

shell32

DragQueryFileA
DragFinish

Sections

code
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

const
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a710f1a3c7d5cfaf980248eaae536ca2

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

comdlg32

comctl32

shell32

Sections

code Size: 32KB - Virtual size: 32KB

data Size: 1024B - Virtual size: 4KB

const Size: 13KB - Virtual size: 12KB

.rsrc Size: 15KB - Virtual size: 14KB

.idata Size: 3KB - Virtual size: 3KB

code
Size: 32KB - Virtual size: 32KB

data
Size: 1024B - Virtual size: 4KB

const
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 15KB - Virtual size: 14KB

.idata
Size: 3KB - Virtual size: 3KB