85218be3cb195f370de100c8cfd11151cbf8be3a6529b11d67fd495dafc7421f

Sharing

Copy URL

Twitter E-mail

General

Target

85218be3cb195f370de100c8cfd11151cbf8be3a6529b11d67fd495dafc7421f
Size

176KB
MD5

11c075888cbd2657bf6b5c0fd4e0d4b5
SHA1

ec714b3eab8aae5556b18287d5545c06c7df2305
SHA256

85218be3cb195f370de100c8cfd11151cbf8be3a6529b11d67fd495dafc7421f
SHA512

58fbfd01e709ac1416998554c7dbc9deba352edc9610da37b861f942d11e75c56f33e4dbf664b1a0d1de6afead9a4819747bee67543cd8c8b0fe033b937965f9
SSDEEP

1536:soBX0pVkXotHPPMyup9IefTA0+RxNINFGgx7nqV+eoLO:H07kXmHPPMDZfTj+RxSN/i+eo6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85218be3cb195f370de100c8cfd11151cbf8be3a6529b11d67fd495dafc7421f

Files

85218be3cb195f370de100c8cfd11151cbf8be3a6529b11d67fd495dafc7421f
.exe windows:4 windows x86

974a90279324755ec661acaaefdc81b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostQuitMessage
TranslateMessage
GetMessageA
MessageBoxA
RegisterClassA
GetDC
ReleaseDC
DrawTextA
BeginPaint
EndPaint
DispatchMessageA
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA

gdi32

CreatePen
SelectObject
MoveToEx
LineTo
TextOutA
Rectangle
GetStockObject
CreateFontIndirectA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseFontA
ChooseColorA

kernel32

MultiByteToWideChar
HeapReAlloc
VirtualAlloc
HeapAlloc
LCMapStringA
GetACP
GetCPInfo
HeapValidate
IsBadReadPtr
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
SetStdHandle
FlushFileBuffers
CloseHandle
GetOEMCP
GetProcAddress
IsBadWritePtr
SetConsoleCtrlHandler
GetLastError
RtlUnwind
VirtualFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

974a90279324755ec661acaaefdc81b0

Headers

File Characteristics

Imports

user32

gdi32

comdlg32

kernel32

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 21KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 21KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB